What is EPMS?
The Australian Government Email Protective Marking Standard (EPMS) is a set of requirements that organizations must follow in order to protect sensitive and classified information that is sent or received by email.
According to the Email Protective Marking Scheme, governmental agencies must ensure that all official emails are marked with a protective marking that identifies the maximum classification and protection requirements for that information.
The EPMS v2018.6 was updated on 30 January 2023. The new Email Protective Marking Standard introduces a number of changes from the previous standard, including:
Aggregated data, data used for household/domestic purposes, and publicly available personal data are outside the scope of the DPDP Act.
What is sensitive or classified information?
The EPMS defines sensitive or classified information as information that, if disclosed, could have a negative impact on the national security, economic interests, or public safety of Australia. Sensitive or classified information can include the following:
- Information about government policies or programs
- Information about military or intelligence operations
- Information about trade secrets or other confidential business information
- Information about personal or financial information
Fortra’s Digital Guardian can help you comply with EPMS
Fortra's Digital Guardian can assist organizations in complying with the EPMS by providing a comprehensive data protection solution that addresses the specific requirements for managing and safeguarding sensitive information transmitted via email. Here’s how it helps:
Policy Enforcement
Digital Guardian ensures that only emails with correct protective markings are sent, and it prevents the accidental sharing of sensitive or classified information without proper security measures, reducing the risk of non-compliance.
Content Inspection and Filtering
The platform performs deep content inspection on every outgoing email, scanning both the email body and any attachments. This ensures that sensitive content, such as classified documents or confidential government information, is flagged or properly marked before it is sent.
Email Encryption
Digital Guardian offers encryption for emails containing sensitive information, ensuring that marked emails are protected during transit and only accessible by authorized recipients.
Audit and Reporting
Digital Guardian offers comprehensive auditing and reporting features that track every email sent within the organization, including which protective marking was applied, any policy violations, and details of sensitive data transfers. This information is compiled into detailed reports that can be used for internal reviews or provided during external audits.
