Responding to the challenge of how to effectively share confidential information with external parties, in 2011 18 London councils in partnership with Capital Ambition set up the ‘Secure Communications with third parties’ project. The approach brought together experts and specialisms from across London in order to select a robust and comprehensive solution that would improve communication and protect sensitive information shared outside secure government networks.
Reflecting on success
Two years on from the selection of market leading email and file encryption solution by Egress, project co-founder Croydon Council and Egress Software Technologies reflect on the major success of the project and how it has inspired other councils across the country to consider similar collaborative projects.
As in 2011, data security remains a major consideration for Croydon Council, with employees across all departments required to share confidential information with external organisations, including health and social care bodies, service delivery partners and law firms. Prior to deploying Egress, the council had relied on a variety of methods when sharing information with those outside of secure government networks. However, not only did some of these mechanisms lack appropriate levels of security, but as multiple products were being used, it was also difficult to manage and control where the information was being shared.
“Over the last two years, Egress has not only streamlined processes for both council employees and third parties, but it has also raised awareness around the importance of data security and information governance.”
Lauren White, ICT Project Manager, Croydon Council
Using Egress, however, the council has been able to centralise the data sharing process. “Egress has enabled us to establish a clear, council-wide policy for how to send emails securely,” explains Croydon Council’s ICT Project Manager Lauren White. “Over the last two years, Egress has not only streamlined processes for both council employees and third parties, but it has also raised awareness around the importance of data security and information governance.” As Egress can be deployed based upon an individual organisation’s data security policy, users are prompted to apply encryption depending on factors such as message or attachment content and size, as well as domain type and subject heading. Alternatively, this information can be used to automatically enforce encryption, ensuring that organisations can remain protected at all times.
“Moreover, Egress’ audit functionality provides a log of where information has been sent, by whom and who has accessed it,” continues Lauren. “Alongside this, the ability to place limitations on what recipients can do with the information shared with them means that the council remains in control of sensitive information, even after it has left our offices. Consequently, Egress gives citizens, customers, external suppliers and third party agencies the confidence that their information is being sent securely.”
Egress Software Technologies Chief Executive Officer Tony Pepper comments: “We are delighted to see the positive impact that Egress has had for the London Borough of Croydon, as well as for other councils across the capital over the last two years. By working collaboratively to embrace leading-edge technology, London councils, and in particular Croydon, have benefitted from a comprehensive secure data exchange solution that protects the information they share externally, as well as providing considerable cost savings and efficiency gains. As a result, a project started by a group of councils in London has now been adopted by over 70% of local authorities across the UK.
“Two years on from this project, we continue to innovate and build upon our security platform so that customers can benefit from complimentary encryption services and unparalleled levels of information assurance. As a result, in October 2013 Egress became the only UK Government CPA Foundation Grade certified email encryption product, which makes it suitable for sharing IL2 and low-threat IL3 data over the internet to government departments, supply chain and third sector organisations. Through on-going innovation and investment in Egress, we are committed to providing the highest level of service to all our customers. In doing so, end-users can continue to protect sensitive data easily, avoiding regulatory fines and unnecessary reputational damage.”