EPN568 - Secure and encrypted email – Transport Layer Security (TLS) 1.2

Date posted: 08/02/2019

Audience

IT departments
HR managers
Pension leads
Staff who exchange emails with the Scheme Administrator (MyCSP)

Summary

This EPN notifies employers that from 1 April 2019, the Scheme Administrator will be using an email encryption called Transport Layer Security (TLS) 1.2. The change relates to all emails to and from employer email domains. This will make email exchanges more secure in line with official government guidance.

Actions

To note the change in email protocol,
To liaise with IT departments / shared service providers to ensure TLS 1.2 is turned on and then to confirm to the Scheme Administrator at SystemsServiceDesk@mycsp.co.uk that this has been done, or
Advise the Scheme Administrator if TLS 1.2 cannot be applied by contacting them at SystemsServiceDesk@mycsp.co.uk or on
01903 760100 (selecting option one). You must do this no later than 15 March 2019.

Timing

Advise the Scheme Administrator if TLS cannot be applied by 15 March 2019
New email protocol to be implemented from 1 April 2019

Detail

From 1 April 2019, the Scheme Administrator will apply TLS encryption on emails to and from employer email domains. This will make email exchanges more secure in line with official government guidance:

https://www.gov.uk/guidance/set-up-government-email-services-securely https://www.ncsc.gov.uk/guidance/email-security-and-anti-spoofing

TLS is an encryption protocol used to protect data that is sent between computers. When email servers send and receive data, they agree to encrypt the information in a way they both understand. Depending on the rules in place, either server may refuse to connect if they can’t find a suitable encryption method.

As most organisations already have TLS 1.2 turned on, we anticipate that few organisations will be affected by the change. However, please check with your IT services department (or shared service provider) to ensure that this is the case to avoid potential problems. If this is likely to be a problem and you wish to continue with unencrypted emails, please inform us immediately. Please note if you choose to not use TLS encryption, you are not following official guidance. You will be knowingly sending employee data to the Scheme Administrator across the internet unencrypted.

Separate arrangements are in place for the transfer of bulk employee data, which should not be sent without additional protection.

Contacts

If you have any questions or need assistance regarding TLS, please contact the Scheme Administrator’s Service Desk on 01903 760100 and select option one.

If you have a question about the distribution of EPNs contact employerpensionnotice@cabinetoffice.gov.uk.

You can find electronic copies of the Employer Pension Guide, all current EPNs and forms on our website.

This notice is for employers and should not be issued to scheme members.

If members have a question about their pension, they can find information on this website or by contacting the Scheme Administrator.