Force Email Security & Classifications Policies
Ryan Jarvis made this Freedom of Information request to Greater Manchester Police
Dear Greater Manchester Police,
I am writing to respectfully make a formal request in accordance with the Freedom of Information Act 2000.
The privacy of emails sent via the @gmp.police.uk domain is at risk. This domain does not appear to have MTA-STS configured. This means that email privacy (using TLS) is vulnerable to downgrade, allowing an attacker to read the contents of emails.
My request is as follows:-
1. Please can the force confirm why it has opted not to use MTA-STS as a potential CySec safeguard when communicating via email on the @gmp.police.uk domain name?
2. Please can the force provide disclosure of its email security classifications policy.
3. Please can the force provide disclosure of the number of security incident reports made internally and/or externally which relate to concerns surrounding email security.
If I am able to provide any further information in support of this request, please do not hesitate to contact me.
Yours faithfully,
Ryan Jarvis
Dear Greater Manchester Police,
I wish to clarify point 3 of my request which should have read:-
3. Please can the force provide disclosure of the number of security incident reports made internally and/or externally which relate to concerns surrounding email security between the period May 2018 - May 2022.
I hope this is of some assistance when considering my request.
Yours faithfully,
Ryan Jarvis
Dear Ryan,
Please see attached the response to your FOI request.
Thank you
Kind regards,
Peechaya
Information Compliance and Records Management Unit
Information Management Branch |Greater Manchester Police
Postal address: c/o Openshaw Complex, Lawton Street, Openshaw, Manchester
M11 2NS
[1]GMPlogo
*not protectively marked
We work to defend the right to FOI for everyone
Help us protect your right to hold public authorities to account. Donate and support our work.
Donate Now