BAS takes the privacy and security of employer and employee data very seriously. BAS utilizes Cisco IronPort as part of its email security protocol. Cisco IronPort monitors and prevents unintended emails from leaving the corporate network.
All emails sent outside of the BAS network are filtered through Cisco IronPort before they leave BAS. Within the network, BAS has security policies and procedures based on internal department use of personal data. For example, BAS generally has a policy against including Social Security Numbers in an email string, unless necessary for internal business purposes.
BAS identifies certain security processes to IronPort (such as recognizing a Social Security Number). When IronPort identifies an email that has violated an established BAS security policy, the email is quarantined before it has a chance to leave the BAS network.
Procedures for quarantined emails:
1) When an email becomes quarantined, IronPort automatically generates an email to the sender as well as to the BAS the security team.
2) The email is reviewed by IT Department to identify the issue.
3) If the IT Department determines that the email is quarantined but does not contain a security risk, the IT Department will send an email to the sender and security team describing the details of the findings and the email will be released to be sent outside of the network.
4) If the email contains a BAS policy violation, the IT Department will send an email to the sender and security team describing the details of the issue and the email will be deleted from IronPort.
5) The sender of the email will explain how the issue is addressed. For example,
(a) The email can be sent through MyEnroll Secure File transfer.
(b) The email can be sent encrypted or employees can encrypt emails using Cisco encryption by adding the keyword “Encrypt/encrypted” in the subject of the email.
(c) The sensitive information can be deleted from the email and resent.
BAS' network security processes are robust and responsive to the importance BAS places on security of information. For more details, contact PR@BASusa.com.