Business Message Portfolio

Print this Page	1.1 Portfolio 50. Business Message Portfolio	Close this Page

1.1.50 Business Message Portfolio:

1. Every application service has a complex relationship with emails. Emails evolved without standards in an era when security and privacy was of little importance.

2. Email-Client services are dominated by advert-funded Google and Microsoft email products. This duopoly of vendors cannot be broken by commercial vendors who need revenue to pay for the costs.

* BMS Catalogue

* BMS Portfolio

* Portfolio Email Policy

2. Glossary:

1. "Email-Client" means:-

* Google Gmail or

* Microsoft Outlook Mail.

2. "PECR" means Privacy and Electronic Communications Regulations as UK law.

3. "GDPR" means General Data Protection Regulations as UK law.

3. "ICO" means Information Commissioners Office who enforce PECR and GDPR by fines.

3. Strategy:

1. It is not practical to provide a better inbox than what is provided free of charge by Google and Microsoft. Personal inbox email experience now exceeds 20 years and nobody likes a change, even it its better.

2. While Google and Microsoft have cornered the market for person inbox messages, these products are no fit-for-purpose in a business context. Businesses have very different requirements to the traditional inbox such as shared messages and the archive of critical communications. USA law is rather relaxed on privacy, but European laws like PECR and GDPR mean that using a traditional email is not legal.

3. Every email will be copied and read by many agencies in many parts of the world - the data collated may be sold to thrd parties. It is totally unacceptable to communicate private, confidential and privileged information by email - email is not good enough for business use.

4. Business Requirements:

1. Backup: people need to be able to backup a document from their desktop to safe, secure and replicated data centers. An upload service is provided to a "cloud drive" that can be viewed like file explorer and downloaded when needed. A simple backup email address is provided to make the upload as easy as sending an email with attachment. Security business rules define who can upload and who can download a document - business rules include when and where. Every uploaded document is stored with its uploaded date and time - so if a document is uploaded 5 times, all 5 editions exist to be downloaded. When a document is downloaded, the original edition remains on the cloud drive and cannot be deleted, changed or corrupted.

2. Diary: people need a copy of their diary of appointments and events. A simple click on the diary menu will popup the names of the people who are approved to view that data, select the name and the email of the diary is sent. This is an example of the "What-Who" method of working where WHAT is to be emailed is selected and then WHO is to be the recipient is selected.

3. Minutes: of a meeting can be prepared with optional attachments and a distribution list of names. A simple click on the minutes menu will send the minutes to each person named in the distribution list.

4. Reply: to an incoming message is managed with a date and time order list of messages for each named business associate. When a message came in and when a message was sent out can be viewed at a glance in order - no separation of Inbox and Sent folders. The reverse is also easy to see when a message was sent out and if the person has replied at a later date and time.

5. Folder Per Person: is automatically managed for outgoing and incomming messages - everything is collated in date and time order. A consolidated view per company involving many people may also be viewed, just in case a different person replies to a message or a message was sent to a different person at the same company. Without any manual moving of messages between folders, messages can be viewed in many alternative spread sheet views.

5. Track and Trace:

1. Every message sent out is tracked to see if the recipient chooses to view the message, reject the message or ignore the message. If the message is ignored, then the email address may not longer be correct and follow up action can be taken to correct the situation.

2. If the recipient chooses to reject the message, then it would be illegal to resend the message to that same email address again. PECR is very clear that every person has the right to unsubscribe from a communication and it is illegal for the company to resend a message to that person again. A company may be fined and may face damages if a message is sent to a person how has unsubscribed from such a message.

3. If the recipient accepts and views the message, then the company must record the fact that the person has subscribed to receive such a message. A company may be liable to damages if it cannot prove when and how a person subscribed to a type of message.

4. It can be of considerable business advantage to know when a person views a specific message. Follow up can proceed in a timely way with the knowledge that a person has viewed a specific message at a known date and time.

6. Subscription Management:

1. Every company must comply with PECR and manage peoples subscription history. People have the right to be able to view and change their subscription history at any time. Where a company chooses not to comply with UK laws, then it will be very apparent to everybody who receives a message without the ability to usubscribe. The UK Information Commissioners Office (ICO) web site has a whistle blowers page where such companies can be reported. The whistle blower can expect to be able to claim damages for the company that sent illegal messages.

2. Other than transactions such as invoices, every other electronic communication is subject to subscription management as defined by PECR. A person must be given the right to subscribe and view the message, to unsubscribe and never be sent the same kind of message again, or to ignore the message. The person must be granted the right to view their subscription history and change it at any time. Where a persons subscription history shows they unsubscribed at a date and time, that person can change their mind and change it to subscribe.

3. Personal email is not impacted by PECR, but all business messages must comply with PECR. If you see a business message without an unsubscribe link, report the violation to the ICO, you have the right to sue for damages.

7. Privacy:

1. It is not acceptable for a company to leak private and confidential information in a plain email. If you see a business message containing private and confidential information, report the violation to ICO and make a claim for damages.

2. No company has the right to leak the privacy of any person, including its own staff and executives. A message stating that a named person is on holiday in the USA next week is totally unacceptable. That information will be copied, will be read and will be sold to third parties who may target the named person with targeted vacation information. What is even worse is that criminals now have a target who they know will be in the USA next week so they can take their time to empty the home of everything.

8. International Standards:

Email addresses are subject to RFC2821 and RFC2822 standards that are restricted to only 7 bit ASCII character codes.

The latin character set using A-Z alphabet without case sensitivity is at the heart of all common and standard email services. Digits 0-9 may be used with period, hyphen and underscore.

The PLUS symbol may be used to denote an email sub-address, but email sub-addresses may have become obsolete.

9. Private Bespoke Implementations:

Private bespoke email addresses may be extended to use characters that others do not use.

38 AMPERSAND has been used by "Bill&Ben@domain.com" but this will fail to be delivered by some email servers and may be treated as spam.

39 APOSTROPHE has been used by "O'Brian@domain.com" but this will fail to be delivered by some email servers and may be treated as spam.

42 STAR has been used by "M*A*S*H@domain.com" but this will fail to be delivered by some email servers and may be treated as spam.

47 SLASH has been used by "joe/fred@domain.com" but this will fail to be delivered by some email servers and may be treated as spam.

61 EQUAL has been used by "joe=boss@domain.com" but this will fail to be delivered by some email servers and may be treated as spam.

63 QUESTION has been used by "joe?boss@domain.com" but this will fail to be delivered by some email servers and may be treated as spam.

94 CARET has been used by "joe^boss@domain.com" but this will fail to be delivered by some email servers and may be treated as spam.

123-125CURLEY has been used by "joe{boss}jones@domain.com" but this will fail to be delivered by some email servers and may be treated as spam.

126 TILDE has been used by "joe~boss@domain.com" but this will fail to be delivered by some email servers and may be treated as spam.

10. Private Bespoke Implementations:

A private bespoke email service could choose to support upper and lower case characters for different mailboxes.

A private bespoke email service could choose to support other character codes such as pound, euro and yen symbols, but most general purpose email services will reject such symbols.

11. Included Character Set:

43 PLUS may be used in a sub-address.

45 HYPHEN may be used.

46 PERIOD may be used.

48-57 0-9 may be used.

65-90 A-Z may be used but not case sensitive.

95 UNDERSCORE may be used.

97-122 a-z may be used but not case sensitive.

12. Excluded Character Set:

1-31 control must not be used.

32 SPACE must not be used.

33 EXCLAMATION must not be used.

34 QUOTATION must not be used.

35 HASH must not be used.

36 DOLLAR must not be used.

37 PERCENT must not be used.

38 AMPERSAND (and) must not be used.

39 APOSTROPHE must not be used.

40 OPEN BRACKET must not be used.

41 CLOSE BRACKET must not be used.

42 STAR must not be used.

44 COMMA must not be used.

47 SLASH must not be used.

58 COLON must not be used.

59 SEMI-COLON must not be used.

60 LESS-THAN must not be used.

61 EQUAL must not be used.

62 GREATER-THAN must not be used.

63 QUESTION must not be used.

64 AT is mandated must not be used elsewhere.

91 SQUARE BRACE OPEN must not be used.

92 BACK SLASH must not be used.

93 SQUARE BRACE CLOSE must not be used.

94 CARET (top-hat) must not be used.

96 BACK TICK must not be used.

123 CURLY BRACE OPEN must not be used.

124 VERTICAL BAR must not be used.

125 CURLY BRACE CLOSE must not be used.

126 TILDE must not be used.

127 DEL must not be used.