On Notify, data is encrypted:
Other technical security controls on Notify include:
Some messages include sensitive information like security codes or password reset links.
If you’re sending a message with sensitive information, you can choose to hide those details on the Notify dashboard once the message has been sent. This means that only the message recipient will be able to see that information.
-You can set different user permissions in Notify. This lets you control who in your team has access to certain parts of the service.
To sign in to Notify, you’ll need to enter:
@@ -54,7 +54,7 @@If signing in with a text message is a problem for your team, contact us to find out about using an email link instead.
-Our approach to information risk management follows NCSC guidance. It assesses:
This approach also applies to the service providers Notify uses to send messages.
-Things we do to manage risks on Notify include:
Notify has been assessed and approved by the Cabinet Office Senior Information Risk Officer (SIRO). The SIRO checks this approval once a year.
Notify also has approval from the Office of the Government’s SIRO to host data within the EEA.
-You can use Notify to send messages classified as ‘OFFICIAL’ or ‘OFFICIAL-SENSITIVE’ under the Government Security Classifications policy.
Notify does not process data classified as ‘SECRET’ or ‘TOP SECRET’.
The Notify team has Security Check (SC) level clearance from United Kingdom Security Vetting (UKSV).