Email Protective Marking Standard

The Email Protective Marking Standard for the Australian Government (Revised in September 2011) formalizes the use of email classification by mandating the use and format of protective markings for all email messages exchanged within and between Australian Government agencies. Protective markings are used to convey the protection requirements for information contained in a message and use the classification system defined in the Australian Government Information Security Management Protocol.

The standard outlines markings which were introduced specifically for email messages which correspond to the Australian Government Information Security Management Protocol security classifications:

– UNOFFICIAL
– UNCLASSIFIED
– PROTECTED
– CONFIDENTIAL
– SECRET
– TOP-SECRET

Once an email message has been identified with a security classification, a corresponding protective marking must be assigned to the information. The marking indicates:

  • That the information has been security classified
  • The sensitivity of the information
  • The level of protective procedures must be provided during the use, storage, transmission, transfer and disposal of the information (eg secure sockets layer (SSL), encryption or a secure network which only transmits national security information).

A protective marking indicates to all users the level of protection the information needs. The system therefore provides an assurance that information of broadly equivalent worth or value is given an appropriate and consistent level of protection.

TITUS supports these standards in both Microsoft Outlook and Microsoft OWA clients, as well as the Microsoft Office suite, and other files. TITUS allows for the application of security classifications, protective markings, and offer configurable protective control for emails, documents and other files.

Information Security Core Policy

The Australian Government Information Security Core Policy issued in June 2010 states that the government expects all those who access or hold information to fulfill government functions to also be accountable for protecting it. There are 4 mandatory requirements outlined in this policy that TITUS can help organizations address for compliance:

  1. Agencies must implement policies and procedures for the security classification and protective control of information assets (in electronic and paper-based formats) which match their value, importance and sensitivity.
  2. Agencies must document and implement operational procedures and measures to ensure information, information and communication technology (ICT) systems and network tasks are managed securely and consistently, in accordance with the level of required security.
  3. Agencies must have in place control measures based on business owner requirements and assessed/accepted risks for controlling access to all information, ICT systems, networks (including remote access), infrastructures and applications. Agency access control rules must be consistent with agency business requirements and information classification as well as legal obligations.
  4. Agencies must ensure that agency information security measures for all information processes, ICT systems and infrastructure adhere to any legislative or regulatory obligations under which the agency operates.

TITUS supports these standards in both Microsoft Outlook and Microsoft OWA clients, as well as the Microsoft Office suite, and other files. TITUS allows for the application of security classifications, protective markings, and offer configurable protective control for emails, documents and other files.

TITUS Message Classification for Microsoft Outlook and Outlook Web Access (OWA) support the requirements of these standards. This easy to use solution allows Australian government agencies to comply with these policies and also enables agencies to force their users to apply markings and classify their information before sending any electronic mail. TITUS Message Classification enables Australian government agencies to quickly configure or modify the classification markings for all of their users via TITUS' centralized administration tools that work with Microsoft Active Directory.

The Australian Government Information Management Office (AGIMO) guidelines and Defence Signals Directorate (DSD) policies formalizing the use of BlackBerrys in government require compliance with the email protective marking standard. Australian government customers can now deploy BlackBerry classification and the TITUS software on the desktop with the confidence that the platforms will interoperate seamlessly. By allowing users to classify e-mails, customers are able to introduce BlackBerry devices while protecting information in compliance with AGIMO rules, the Attorney-General's Protective Security Manual regulations, and DSD's ACSI33.

TITUS Classification for Microsoft Office enables Australian government agencies to comply with these policies by allowing agencies to force their users to apply markings and classify their Microsoft Office Word, Excel and PowerPoint documents before being saved or printed. TITUS Classification for Microsoft Office complements TITUS Message Classification which can check the sensitivity of a document attached in an email and ensure compliance to standards.

TITUS Classification for Desktop enables Australian government agencies to comply with these policies by allowing users to classify any file on their desktop. With TITUS Classification for Desktop, users can classify any file type such as maps, images, charts, multimedia files, and recordings through Microsoft Windows Explorer.

Australian Customers

TITUS' Australian customer base consists of over 30 federal government departments, including:

  • Australian Department of Defence
  • Australian Taxation Office
  • Department of Environment and Heritage
  • Department of Finance and Administration
  • Department of Transport and Regional Services
  • Department of Education, Science and Training
  • Australian Competition and Consumer Commission

These Australian organizations have all selected TITUS software in order to meet government information and communications security requirements.

Data Classification

Message Classification
Classifies, labels, and protectively marks email in Microsoft Outlook, Outlook Web Access, and mobile devices. This allows organizations to comply by ensuring every email is classified and protectively marked before being sent.

Classification for Microsoft Office
Classifies, labels, and protectively marks documents in Microsoft Office Word, Excel, and PowerPoint. This allows organizations to comply by ensuring every document is classified and protectively marked before being saved or printed.

Classification for Desktop
Classifies any file type in Windows Explorer, including Adobe PDF, multimedia files, and CAD documents.

SharePoint Security

Metadata Security
Restricts access to documents in SharePoint based on the document’s metadata properties in order to ensure the right people are seeing the right information.

Document Policy Manager
Applies visual labels to existing and new documents automatically in order to help comply with marking requirements. Converts documents to Adobe PDF to protect against unauthorized editing of sensitive information.

Book Live Demo
Watch Video
Free Trial
Learn More