Business Message Service (BMS)
Business Message Service (BMS):
1. The objective is to provide a messaging service that does not leak private, confidential or sensitive information.
2. BMS uses the public envelope and private letter method to communicate business information with different people.
3. The public envelope is a normal email. It must be assumed that it will be copied and read by intermediaries and agencies in all parts of the world, so the envelope contains no business information, only a link to the private letter.
4. The private letter is the content the envelope points to. It is shown only to the approved recipient, and only over an encrypted (TLS) connection, so business information is not exposed to anyone with access to Internet traffic or to the recipient's mailbox. The link is therefore the only secret in the envelope: it must be unguessable, bound to one recipient and time limited.
5. Policy: Email is no longer fit-for-purpose and shall not be used to communicate private, confidential or sensitive business information.
Legal Obligations:
1. The Privacy and Electronic Communications Regulations (PECR) are at the heart of all business message legal obligations.
2. Before a person is shown any communication, evidence that the person consents to that communication must be gathered.
3. With each and every communication, the person must be given the right to unsubscribe and withdraw consent to being shown the communication contents.
4. Subscription management means that every person known to the Bespoke Application Service may subscribe or unsubscribe to any type of communication. People have the right to view their subscription evidence and may change their mind at any time.
5. Policy: Email is no longer fit-for-purpose because it cannot by itself provide adequate subscription evidence. A visible "unsubscribe" link on every email is the most obvious sign of a company that complies with UK law. People should choose not to do business with a company that chooses not to comply and may be able to claim compensation for their rights not being respected.
6. People will quickly learn not to do business with any company that leaks private, confidential and sensitive business information by email or phone.
Observation:
1. As an example of a company that understands and has embraced UK communication laws, HMRC is worthy of commendation.
2. HMRC first-level support people have no access to sensitive private information and so cannot be intimidated into disclosing something that is private.
3. HMRC email services never disclose any private information, but will offer links to how people may identify themselves and consent to view messages.
4. Email links are shown as plain-text addresses, with no display text hiding the real destination, so a phishing attack that tries to impersonate an HMRC communication must show a non-HMRC address and is easier to recognise as a fake.
BMS Example:
1. For any object in the Bespoke Application Service (BAS), any number of tasks can be associated, and any task can become an email.
2. For example: a support request can be added on behalf of an approved person, and that support request can have a task added with a type of email. The email is a public envelope with a link to show the private support request.
3. A benefit of BMS is that the approved person who views the private message is able to reply and respond to questions within an encrypted private application service. Business information can be added and corrected without any manual transcription from an email reply that leaks data to other parties.
4. Request Consumption is a standard procedure that involves communicating existing-contract and service details with a LoA to an existing supplier: private and confidential information that legally must not be leaked by email. The supplier has the option of completing the actual annual consumption values for the existing contract when viewing the data in a private, encryption-protected environment.
5. Request Rates is a standard procedure that involves communicating proposed-contract and service details with a LoA to a number of proposed suppliers: private and confidential information that legally must not be leaked by email. Each supplier has the option of completing the proposed contract rates when viewing the data in a private, encryption-protected environment.
6. Customer Quotation is a standard procedure that involves communicating a number of proposed-contract summary details to the customer: private and confidential information that legally must not be leaked by email. The customer has the option of selecting a proposed contract of their choice when viewing the data in a private, encryption-protected environment.
7. Proforma Invoice is a standard procedure that involves communicating current-contract summary details to the supplier: private and confidential information that legally must not be leaked by email. The supplier has the option of entering the actual consumption details with the commissions payable when viewing the data in a private, encryption-protected environment.
8. Sales Invoice is a standard procedure that involves communicating a sales invoice to the supplier and/or customer: private and confidential information that legally must not be leaked by email. The supplier or customer has the ability to view all prior invoice details to verify the payment history. When the payment is banked, the payment details are added to the accounts receivable and the invoice is marked as paid.
9. Termination Notice is a standard procedure that involves communicating current-contract and service details with a LoA to the supplier: private and confidential information that legally must not be leaked by email. The supplier can view full details of the current contract history and will note that immutable evidence of the termination notice has been recorded.
Forgotten Pass-Phrase Procedure:
1. Virtually every publicly available forgotten-password procedure sends a reset link or a temporary password by email, so anyone who can read that email, in transit or in the mailbox, can take over the account.
2. To overcome the design problems with all such login systems, a more advanced authentication service is deployed with pass-phrases and one-time access-codes.
3. When a person forgets their permanent pass-phrase, they may ask their manager to request a one-time access-code. A one-time access-code has a very short life cycle of 10 to 60 minutes as determined by the manager.
4. When the person signs in using their one-time access-code, they are shown their permanent pass-phrase, which will never be shown again. Technically, the permanent pass-phrase is generated at that moment and not stored, so it cannot be stolen from the service. Caveat: this holds only if the service retains no more than a salted hash (verifier) of the pass-phrase; a value the server could re-derive from stored inputs is as exposed as a stored value.
5. A support request to generate a one-time access-code may have an associated task with a type of email. The public email envelope is sent to the approved person, who may click the link to view the one-time access-code. The approved person uses the one-time access-code to sign in and view their permanent pass-phrase; that first use disables the one-time access-code. Agencies who take copies of all emails cannot see the one-time access-code in the envelope, and because the code is single use and short lived, a copy taken later is useless. If the approved person is told that the code has already been used, that is itself evidence of interception and must be reported.
6. Policy: Nobody can see an approved person's permanent pass-phrase other than the approved person, who must never disclose the pass-phrase to any other person for any reason.
7. In practice, many other factors are involved to stop criminals, such as network, geolocation, operating system, graphics resolution, time-of-day, etc.
New Approved Person Procedure:
1. A manager has the right to add a new approved person and may grant that person rights equal to or less than their own rights. The business message service may be used to communicate the new person's sign-in details when the manager is not in the same location as the approved person.
2. Once a new person has been added, the forgotten pass-phrase procedure above is used to assign the new person their permanent pass-phrase.
3. Policy: The manager approving the new person can never see the permanent pass-phrase.
4. Policy: The permanent pass-phrase does not need to be changed every month.
5. Policy: The permanent pass-phrase is generated by the service with adequate strength, so it cannot have been reused from another application service.
6. A person who does not like their permanent pass-phrase may ask their manager for a one-time access-code; when it is used, a new permanent pass-phrase is generated and shown. The business rules that generate the permanent pass-phrase are continually evolving, so what is generated for one person will be very different from what is generated for a different person at a different time. The unpredictability must come from a cryptographic random source, not from the rules changing.
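The forgotten pass-phrase and new approved person procedures above, as an added example that is not the page's or the service's own code. The 10 to 60 minute life cycle, single use, show-once behaviour and the manager never seeing the pass-phrase are taken from the text; the in-memory store, PBKDF2 verifiers, the small constructed word list and the injectable clock are assumptions.

```python
import hashlib
import hmac
import secrets
import time

# Constructed word list for generated pass-phrases (an assumption; a real
# deployment would use a large published list for adequate strength).
WORDS = ["anchor", "basalt", "candle", "dahlia", "ember", "falcon", "garnet",
         "harbor", "indigo", "juniper", "kestrel", "lantern", "meadow",
         "nectar", "orchid", "pebble", "quartz", "raven", "saffron", "timber"]
MIN_TTL_MINUTES, MAX_TTL_MINUTES = 10, 60      # life cycle set by the manager


def verifier(secret: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256 verifier; the plaintext is never stored."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)


class PassPhraseService:
    def __init__(self, clock=time.time):
        self.clock = clock              # injectable clock (assumption, for tests)
        self.codes = {}                 # code_id -> one-time access-code record
        self.verifiers = {}             # person -> (salt, verifier of pass-phrase)

    def issue_one_time_code(self, manager, person, ttl_minutes):
        """Manager requests a one-time access-code for a person. The manager
        receives only the code; the pass-phrase is never shown to them."""
        if not MIN_TTL_MINUTES <= ttl_minutes <= MAX_TTL_MINUTES:
            raise ValueError("life cycle must be 10 to 60 minutes")
        code, salt = secrets.token_urlsafe(12), secrets.token_bytes(16)
        code_id = secrets.token_hex(8)
        self.codes[code_id] = {"person": person, "manager": manager, "salt": salt,
                               "verifier": verifier(code, salt), "used": False,
                               "expires": self.clock() + ttl_minutes * 60}
        return code_id, code

    def redeem(self, code_id, code):
        """Sign in with the one-time access-code: generate the permanent
        pass-phrase, keep only its verifier, disable the code and return the
        pass-phrase (the only time it is visible). Returns None for an
        unknown, expired, wrong or already used code."""
        rec = self.codes.get(code_id)
        if rec is None or rec["used"] or self.clock() > rec["expires"]:
            return None
        if not hmac.compare_digest(rec["verifier"], verifier(code, rec["salt"])):
            return None
        rec["used"] = True                                  # first use disables it
        passphrase = " ".join(secrets.choice(WORDS) for _ in range(6))
        salt = secrets.token_bytes(16)
        self.verifiers[rec["person"]] = (salt, verifier(passphrase, salt))
        return passphrase

    def verify(self, person, passphrase):
        """Normal sign-in check against the stored verifier only."""
        if person not in self.verifiers:
            return False
        salt, stored = self.verifiers[person]
        return hmac.compare_digest(stored, verifier(passphrase, salt))


def demo():
    """Walk the procedure with a fixed clock; returns a summary of outcomes."""
    now = [1_000_000.0]
    svc = PassPhraseService(clock=lambda: now[0])
    code_id, code = svc.issue_one_time_code("manager", "terry", 30)
    phrase = svc.redeem(code_id, code)            # shown once
    second = svc.redeem(code_id, code)            # None: disabled after first use
    late_id, late_code = svc.issue_one_time_code("manager", "terry", 10)
    now[0] += 11 * 60                             # 11 minutes later
    return {"issued": phrase is not None,
            "reused": second is None,
            "verify": svc.verify("terry", phrase),
            "wrong_rejected": not svc.verify("terry", phrase + "x"),
            "expired": svc.redeem(late_id, late_code) is None}
```

The one-time code goes into the private letter, never into the envelope; a "code already used" result at sign-in is the interception signal the procedure relies on.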
Public Email Purpose:
* You received this SUBJECT message because you have been authorized to process these business messages. This SUBJECT message has been sent as plain text, so it is not permitted to contain or attach any private, confidential or privileged information. If you are the intended recipient, please click the following SUBJECT button to confirm that you opt in to subscribe to this service.
Public Email Advice:
* This SUBJECT message is for its intended recipient only. The private letter it links to may contain private, confidential and privileged information that should only be used by the intended recipient. If you received this SUBJECT message in error, any use of this SUBJECT message is prohibited, so please inform the sender as shown above and delete this SUBJECT message. This SUBJECT message is believed to be free of virus or other defects, but Internet communications cannot be guaranteed to be secure or error free and we do not accept any liability for any loss or damage from the receipt or use. This SUBJECT message has been scanned by the security service and no malware or hidden code was detected. Opinions expressed in this SUBJECT message are not necessarily those of the company, who reserve the right to monitor all messages.
Public Email Unsubscribe:
* You have the right to unsubscribe and opt out from this message by clicking on this link. You will have the right to opt in and subscribe to any future messages. Personal subscription consent evidence is stored in compliance with the Privacy and Electronic Communications Regulations (PECR).
* To fully comply with the Privacy and Electronic Communications Regulations (PECR), you must formally opt in and subscribe to receiving this kind of SUBJECT message, and you have the right to opt out and unsubscribe at any time. Information is retained to manage your personal subscription status. Please do not copy this SUBJECT message to any other person; it is for use by one named person only. If you do not wish to be sent any further SUBJECT messages, please click this button to unsubscribe.
Subject: Business message from Sender-Company-Ltd regarding quotation 12345678.
To: Terry M. David Lloyd at Your-Company-Ltd.
Thank you for registering this email address to receive quotation messages on behalf of Your-Company-Ltd. To view your quotation message, please click the following address or copy and paste it into your browser: http://www.computer-management.co.uk/wiki.c2/BAS_Email-Template/IN
To unsubscribe and opt out from receiving your quotation message, please click the following address or copy and paste it into your browser: http://www.computer-management.co.uk/wiki.c2/BAS_Email-Template/OUT You will have the right to opt in and subscribe to any future quotation messages. Information is retained to manage your personal subscription status.
This quotation message is for Terry M. David Lloyd only. The quotation it links to may contain private, confidential and privileged information that should only be used by Terry M. David Lloyd. If you received this quotation message in error, any use of this quotation message is prohibited, so please delete this quotation message. This quotation message is believed to be free of virus or other defects, but Internet communications cannot be guaranteed to be secure or error free and Sender-Company-Ltd do not accept any liability for any loss or damage from the receipt or use. This quotation message has been scanned by the Sender-Company-Ltd security service and no malware or hidden code was detected. Opinions expressed in this quotation message are not necessarily those of Sender-Company-Ltd, who reserve the right to monitor all quotation messages. This quotation message will expire in ten days.
Best regards from: Support Desk at Sender-Company-Ltd.
Protection:
1. The Data Protection Officer has specified the protection measures known as envelope-and-letter that must be applied to every communication to ensure it is not a data leak.
2. The Information Security Manager has deployed all applicable privacy methods needed to ensure that the business message service is safe, secure and demonstrably fit-for-purpose.
3. The Process Audit Manager has scheduled regular penetration tests designed to expose any communications vulnerability, including intimidation and impersonation. Staff are hereby informed that the person crying or shouting on a telephone call because they cannot do their daily job is likely to be a phishing attack by a security auditor.
4. Public email envelope messages shall use the approved standard email template and shall not contain any private, confidential or sensitive business information. The health, marital status, pregnancy status, holidays or wellbeing of another person shall not be leaked by business phone or business email; private mobile phones may be used for private and intimate communications.
5. Each business message is monitored by its corresponding task, and that task implies its parent object, which is the subject of the communication. The indirection of email to task to object means that the URL carries only an opaque task reference; the object is found through the task and is never named in the link. The task is bound to one approved person, so the URL is of no use to anyone else, and a guessed or altered URL resolves to nothing. Messages to an approved person can only be accessed by that approved person: other people are told the message has expired. The link must be served over https so that the task reference is not exposed to intermediaries.
6. The Incident Manager has the responsibility to continually monitor business message availability and criminal attacks on the domain. Many hundreds of attacks are expected on a daily basis, but most are automated probes for well-known vulnerabilities. When a new vulnerability is published, hundreds of attacks can be expected in the following hours, so patching has to be even faster.
DMARC:
1. Domain-based Message Authentication, Reporting and Conformance (DMARC, RFC 7489) is an international standard method to manage spoofing, phishing and spam. It builds on SPF and DKIM and adds a published policy telling receivers what to do with mail that fails.
2. The visible sender address of any email can be forged by anyone, and a private email service gives the receiver no way to tell. A professional email service like Business Message Service publishes SPF, DKIM and DMARC records so that the receiver can check that the sending server is authorised, that the message is signed, and that the authenticated domain aligns with the visible sender, and can reject what fails.
3. BMS has deployed Sender Policy Framework (SPF, RFC 7208) to declare which servers may send mail for the domain. The SPF DNS TXT record can take some hours to be distributed to all DNS servers.
4. BMS has deployed DomainKeys Identified Mail (DKIM, RFC 6376) to sign every outgoing message. The DKIM public key is published as a DNS TXT record under a selector and can take some hours to reach all email service providers; there is no DKIM certificate, only a key pair.
5. Google, Microsoft and all major email service providers evaluate the sending domain's DMARC policy and reject or quarantine messages that fail SPF or DKIM alignment, as the policy directs. A policy of p=none only asks for reports and does not protect the domain.
6. Criminals generating spam from identified IP addresses will have their IP addresses blocked by the major email service providers.
7. The key benefit of DMARC is that a domain owner can prevent criminals using that domain to send spam that imitates messages sent by the domain owner. A company providing an email service without DMARC will have criminals sending fake emails that are (virtually) identical to those sent by the company.
8. The Service Level Manager is obliged to send out business messages every hour to continually monitor availability end to end and to keep the domain's sending reputation and DMARC aggregate reports flowing from all the leading email service providers. DMARC has a cost: the domain must be used regularly, and the reports must be monitored continually for criminals using the domain as a fake sender address.
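An added example (not the page's or the service's code) that reads the SPF, DKIM and DMARC TXT records the section describes and flags the weaknesses it warns about, with a weak record set beside a hardened one. The domain example.com, the selector name bms and all record values are constructed; the DKIM p= value is a placeholder, not a real key, and a real checker would query DNS instead of the dictionaries.

```python
# Constructed DNS TXT answers keyed by record name (an assumption; a real
# checker would query DNS). The DKIM p= value is a placeholder, not a key.
WEAK_TXT = {
    "example.com": ["v=spf1 include:_spf.example.net ~all"],
    "bms._domainkey.example.com": ["v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNplaceholder"],
    "_dmarc.example.com": ["v=DMARC1; p=none; rua=mailto:dmarc@example.com"],
}
HARDENED_TXT = {
    "example.com": ["v=spf1 include:_spf.example.net -all"],
    "bms._domainkey.example.com": WEAK_TXT["bms._domainkey.example.com"],
    "_dmarc.example.com": ["v=DMARC1; p=reject; rua=mailto:dmarc@example.com; adkim=s; aspf=s"],
}


def parse_tags(record):
    """Parse a 'k=v; k=v' TXT record (DKIM and DMARC syntax) into a dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def lookup(dns, name, prefix):
    """First TXT record at name whose value starts with prefix, else None."""
    for txt in dns.get(name, []):
        if txt.lower().startswith(prefix):
            return txt
    return None


def check_spf(dns, domain):
    rec = lookup(dns, domain, "v=spf1")
    if rec is None:
        return ["SPF: no record; any host may claim to send for the domain"]
    terms = rec.split()[1:]
    qualifier = next((t for t in terms if t in ("all", "+all", "-all", "~all", "?all")), None)
    if qualifier in (None, "all", "+all"):
        return ["SPF: '+all' or no 'all' term; every sender passes"]
    if qualifier in ("~all", "?all"):
        return [f"SPF: '{qualifier}' is advisory for receivers without DMARC; prefer '-all'"]
    return []


def check_dkim(dns, domain, selector):
    rec = lookup(dns, f"{selector}._domainkey.{domain}", "v=dkim1")
    if rec is None:
        return ["DKIM: no key published for the selector; signatures cannot verify"]
    if not parse_tags(rec).get("p"):
        return ["DKIM: empty p= means the key is revoked"]
    return []


def check_dmarc(dns, domain):
    """Returns (findings, enforcing) where enforcing means p=quarantine/reject."""
    rec = lookup(dns, f"_dmarc.{domain}", "v=dmarc1")
    if rec is None:
        return ["DMARC: no policy; receivers cannot act on spoofed mail"], False
    tags = parse_tags(rec)
    policy = tags.get("p", "none").lower()
    findings = []
    if policy == "none":
        findings.append("DMARC: p=none only reports; spoofed mail is still delivered")
    if "rua" not in tags:
        findings.append("DMARC: no rua= address; aggregate reports are lost")
    if tags.get("pct", "100") != "100":
        findings.append(f"DMARC: pct={tags['pct']} enforces only a sample of mail")
    return findings, policy in ("quarantine", "reject")


def evaluate(dns, domain, selector):
    """Combine the three checks for one domain and selector."""
    dmarc_findings, enforcing = check_dmarc(dns, domain)
    findings = check_spf(dns, domain) + check_dkim(dns, domain, selector) + dmarc_findings
    return {"enforcing": enforcing, "findings": findings}
```

Run evaluate(WEAK_TXT, "example.com", "bms") and evaluate(HARDENED_TXT, "example.com", "bms") to see the difference: only the hardened set is enforcing, which is the state the section's point 7 depends on.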
Private Letter:
1. When the approved person clicks the consent link to view the business message, the browser opens an encrypted web page with three parts:
(1) Business message menu bar to identify the business message sender and recipient.
(2) Menu bar to pop up optional associated web pages such as prior history.
(3) Form showing object fields, some protected and some for data entry; data is entered directly into the CRM database.
2. The private letter runs under either the approved person's current signed-in role or a bespoke role of "email" that grants access to the shared private (2000) web pages.
3. When the private letter is shown, the email task is updated to record when the person consented to view the business message. When the person withdraws consent and unsubscribes, the email task is updated to record when the person withdrew consent, and the person's profile is updated to change the preferred contact-by method to "none". When the person ignores the public email envelope, an alarm is raised after 3 days to state that the message has been ignored and an alternative method of communication may be needed.
Task Data Usage:
K1223 Work Done is the subject of the email
K1229 Type is "support"
K1227 Duration is the time to expiry, as "week"
K1239 Method is "email"
K1231 Priority is "normal"
K1235 Message is blank for the recipient to write a reply
K1224 To Do is blank for the recipient
K1225 Who is the selected recipient name of an approved person
K1226 Date is the expiry date or when the recipient viewed the message
K1236 Time is the expiry time or when the recipient viewed the message
K1237 Duration is not used
K1238 Method is "email" when viewed
K1230 State is "To do" when sent and "Done" when viewed
K1240 Comment is the sender's comment
Email Theft:
1. The majority of data breaches are from email folders where emails contain private and confidential business information.
2. People may store emails on portable computing devices that are lost or stolen; the requirement is to ensure that when emails are stolen, business information is not stolen with them.
3. Every business message has an expiry date and time that is typically one week after it was sent.
4. The expiry date and time can be changed, so when a person's phone is stolen, all messages to that person are marked as expired and the theft is not a data breach.
5. To minimise the liability of a data breach fine, BMS enables messages that have already been sent to be marked as expired so that business information can no longer be viewed. Caveat: expiry withdraws access to the private letter from that moment on; it cannot recall anything that was viewed or copied before, which is why the envelope itself must never carry business information. It is clear that hundreds of people who had bank accounts in Panama wished they could expire the emails they had sent to their bank before everything was disclosed to the world.
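The email to task to object indirection, consent recording, the 3-day ignored alarm and the email-theft expiry described in the Private Letter, Task Data Usage and Email Theft sections, as an added example that is not the page's or the service's own code. The field names follow Task Data Usage; the base URL bms.example.com, the token format, the in-memory store, the injectable clock and the quotation object are assumptions.

```python
import secrets
import time
from dataclasses import dataclass
from typing import Optional

WEEK = 7 * 24 * 3600


@dataclass
class Task:
    """The email task: Who (K1225), State (K1230), expiry and viewed date/time."""
    object_id: str                         # parent object; never placed in the URL
    who: str                               # the one approved person who may view it
    sent_at: float
    expires: float
    state: str = "To do"                   # "Done" when viewed
    viewed_at: Optional[float] = None      # consent evidence
    withdrawn_at: Optional[float] = None   # unsubscribe evidence


class BusinessMessageService:
    def __init__(self, clock=time.time, base="https://bms.example.com/m/"):
        self.clock = clock                 # injectable clock (assumption, for tests)
        self.base = base                   # assumed https base URL
        self.tasks = {}                    # opaque token -> Task
        self.people = {}                   # person -> preferred contact-by method
        # Constructed CRM object for the example
        self.objects = {"Q12345678": {"type": "quotation", "total": "1,234.00"}}

    def send(self, sender, recipient, object_id, ttl=WEEK):
        """Create the email task; return (token, public envelope text)."""
        if self.people.get(recipient) == "none":
            raise PermissionError("recipient has withdrawn consent")
        self.people.setdefault(recipient, "email")
        kind = self.objects[object_id]["type"]
        token = secrets.token_urlsafe(24)  # unguessable; the only secret in the URL
        now = self.clock()
        self.tasks[token] = Task(object_id, recipient, now, now + ttl)
        envelope = (f"Subject: Business message from {sender} regarding a {kind}\n"
                    f"To view your {kind} message: {self.base}{token}/IN\n"
                    f"To unsubscribe: {self.base}{token}/OUT\n"
                    f"This {kind} message will expire in {ttl // 86400} days.")
        return token, envelope

    def view(self, token, person):
        """Resolve token -> task -> object for the approved person only; everyone
        else, and anyone after expiry or opt-out, is told 'expired'."""
        task = self.tasks.get(token)
        if (task is None or person != task.who or task.withdrawn_at is not None
                or self.clock() > task.expires):
            return {"status": "expired"}
        if task.state == "To do":          # first view records consent
            task.state, task.viewed_at = "Done", self.clock()
        return {"status": "ok", "object": self.objects[task.object_id]}

    def unsubscribe(self, token, person):
        """Withdraw consent: record it on the task, set contact-by to 'none'."""
        task = self.tasks.get(token)
        if task is None or person != task.who:
            return False
        task.withdrawn_at = self.clock()
        self.people[person] = "none"
        return True

    def expire_all(self, person):
        """Device lost or stolen: expire every live message to the person."""
        count = 0
        for task in self.tasks.values():
            if task.who == person and self.clock() <= task.expires:
                task.expires = self.clock() - 1
                count += 1
        return count

    def ignored(self, after=3 * 24 * 3600):
        """Envelopes still 'To do' after 3 days: raise the alarm."""
        return [t for t in self.tasks.values() if t.state == "To do"
                and t.withdrawn_at is None and self.clock() - t.sent_at > after]


def demo():
    """Walk send, view, theft and opt-out with a fixed clock; returns outcomes."""
    now = [1_500_000.0]
    bms = BusinessMessageService(clock=lambda: now[0])
    tok1, envelope = bms.send("Sender-Company-Ltd", "terry", "Q12345678")
    result = {"envelope_clean": "Q12345678" not in envelope and "1,234.00" not in envelope,
              "other_person": bms.view(tok1, "mallory")["status"],     # expired
              "approved_person": bms.view(tok1, "terry")["status"],    # ok
              "state_after_view": bms.tasks[tok1].state}               # Done
    tok2, _ = bms.send("Sender-Company-Ltd", "terry", "Q12345678")
    now[0] += 4 * 24 * 3600                                           # 4 days later
    result["ignored"] = len(bms.ignored())                            # tok2 unread
    result["expired_on_theft"] = bms.expire_all("terry")              # both still live
    result["after_theft"] = bms.view(tok2, "terry")["status"]         # expired
    tok3, _ = bms.send("Sender-Company-Ltd", "terry", "Q12345678")
    result["unsubscribed"] = bms.unsubscribe(tok3, "terry")
    result["after_optout"] = bms.view(tok3, "terry")["status"]
    result["contact_by"] = bms.people["terry"]
    return result
```

The envelope carries the sender, the message type and two links built from one random token; the object identifier and every business value stay behind the task, which is what makes expiring the task equivalent to withdrawing the information.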
Document Control: | 1. Document Title: Business Message Service. | 2. Description: Business Message Service. | 3. Keywords: Business Message Service. | 4. Privacy: Shared with approved people for the benefit of humanity. | 5. Edition: 1.2. | 6. Issued: 4 Jan 2018. |