Norfolk County Council follows the guidance issued by Government Digital Services and the National Cyber Security Centre for email service security configuration. This means that by default, any email being sent or received will establish a TLS encrypted connection where the sending or receiving service supports it. All major UK ISPs also follow these standards and over 95% of all emails sent by Norfolk County Council are sent over a TLS encrypted connection.
When we receive sensitive emails we mark them as such using the Office 365 Mail Encryption (OME) service. Recipients will be emailed a link to the Office365 Mail Encryption service, where they will be able to decrypt the email by requesting a one-time passcode or signing in with an existing Microsoft or Google account.
Norfolk County Council's enhanced email service is called Transport Layer Security (TLS) and is a designed to securely encrypt all email between two organisations.
This service requires a TLS connection to be setup between the council and other organisations. Once the connection has been configured, all emails between the organisations are guaranteed to be secure and are sent with appropriate levels of encryption. TLS is a government recommended standard and is free for organisations to implement.
To set up a TLS connection, please ask your IT department to email firstname.lastname@example.org. We will work with them to set up the TLS connection.