Welcome Visitor: Login/Register

HMG Security Policy Framework compliance and janusSEAL

The Government Protective Marking System made easy for users

UK flagGovernment Departments and Agencies in the United Kingdom (UK) must abide by the Security Policy Framework issued by the Cabinet Office.

A janusSEAL solution allows staff of Departments and Agencies to quickly and easily apply the UK's Government Protective Marking System to information assets such as email messages and Microsoft Office files.

 

What are Protective Markings and why are they useful?

SECRET stampA Protective Marking, as the name implies, is a marking on a document or piece of information which identifies the confidentiality requirements of the information. It also conveys those protective requirements to all those who handle it. Protective markings are also known as security classification labels.

It is the ease with which other people and (in the electronic information space) other IT systems can interpret and understand the protective marking that shows their benefit.

 

Her Majesty's Government mandates use of Protective Markings on information assets

The use of protective markings in the UK government is defined in Her Majesty's Government Security Policy Framework (SPF) in which it is mandated that:

  1. Departments and Agencies must apply the [Government] Protective Marking System... (MR11)
  2. ...Assets must be clearly and conspicuously marked... (MR 19b)
  3. ...Only the originator or designated owner can protectively mark an asset... (MR19c)

The Government Protective Marking System (GPMS) is defined in the Framework as comprising the five security classifications, in ascending order of sensitivity

  • PROTECT
  • RESTRICTED
  • CONFIDENTIAL
  • SECRET
  • TOP SECRET

The classification UNCLASSIFIED or NOT PROTECTIVELY MARKED is used for government information to assert that a protective marking is not needed because the information is not sensitive.

For the purposes of confidentiality, these classifications can also be mapped to the Business Impact Levels (BILs) discussed in SP4.

 

How does janusSEAL help to achieve HMG SPF compliance?

A simple solution to comply the protective marking requirements of the HMG Security Policy Framework is to:

  • deploy janusSEAL for Outlook software to all staff desktops in the Department or Agency
  • configure janusSEAL for Outlook on all staff desktops using the pre-made configuration templates based on the UK Government Protective Marking System

In more advanced deployments the Department or Agency would also use other janusSEAL products and janusNET's expert knowledge to enable protective marking capability across a wider range of email clients and devices, such as:

  • deploy janusSEAL for OWA to all Microsoft Exchange servers in the Department or Agency with Outlook Web Access (OWA) enabled; this will allow senders to protectively mark emails sent from any web browser using the OWA system.
  • deploy janusSEAL for Pocket Outlook to all Windows Mobile 5 and 6 devices; this will allow senders to protectively mark emails sent from Pocket Outlook on Windows Mobile.
  • deploy janusSEAL Documents to all staff desktops in the Department or Agency; this allows authors of Microsoft Office files to protectively mark their Word documents, Excel spreadsheets and PowerPoint presentations.
  • configure message classifications on BlackBerry Enterprise Server; this will allow senders to protectively mark emails sent from BlackBerry devices with no additional software required.

Deploying janusSEAL in these ways makes it easy to comply with the protective marking requirements of HMG SPF by:

  1. HMG SPF MR11 - ...must apply the Protective Marking system...
    janusSEAL is easily configured to use the GPMS and ensures electronic information assets such as e-mail messages, meeting requests, assigned tasks and Microsoft Office files have protective markings. janusSEAL is supplied with a pre-made configuration template which complies with the Government Protective Marking System; it is also available for download from our forums area.
    janusSEAL for Outlook classification dialog with GPMS
    janusSEAL for Outlook's On Send Classification Dialog prompting the sender to apply a security classification to the message. janusSEAL for Outlook has been configured with the 'factory supplied' GPMS security classification schema. The sender has hovered their mouse over the RESTRICTED security classification so janusSEAL is showing the (configurable) tooltip for this classification.

  2. HMG SPF MR19b - Assets must be clearly and conspicuously marked.
    janusSEAL has numerous configuration settings about where and how to apply protective markings. janusSEAL can put the markings in message header fields, subject lines, at the start and end of the message body, in Office file fields and in the text, header, footer and watermark areas. The configuration settings also let you use a variety of string tokens related to the security classification and you can also control the font, formatting and paragraph alignment for markings in the message body.
    janusSEAL for Outlook message read view
    An example message containing a number of protective markings (security labels) as set by janusSEAL for Outlook. Some of these protective markings are visible to the recipient as seen here, and others are designed for use by other IT systems like the Internet message extension headers (metadata fields).

  3. HMG SPF MR19c - Only originator...can protectively mark an asset.
    janusSEAL relies on the notion that the person sending the message is the person best able to specify its sensitivity in the form of a security classification. That is why the sender is always forced to select a security classification.
    With Office files there can be numerous authors of the file over its lifetime. janusSEAL allows each to be the originator but any changes in the security classification are audited.

 

Get the whitepaper

This page is an abbreviation of a whitepaper janusNET has written on using janusSEAL in Her Majesty's Government. If you would like a copy of the whitepaper you can request it from this page.

 

Evaluate janusSEAL

To obtain a fully working evaluation version of a janusSEAL product click here.

Contact janusSEAL's Distributors in the UK

Softek is the authorised distributor for the janusSEAL products in the United Kingdom and Ireland.

  • call: 08456 443 911
  • e-mail:
  • web: http://www.softek.co.uk/

 

 

Level 5, 75 Miller St
North Sydney NSW 2060 Australia
ABN: 80 112 197 690

Australia: 1300-795-078
International: +61 2 9962 8141
info@janus.net.au