If you need to send sensitive or sensitive-enhanced information to a co-worker or an authorized external recipient, take steps to prevent USPS® information from getting into the wrong hands.
When sending sensitive information to authorized external recipients, use the Enterprise Encryption Service (EES) by placing #sensitive# in the subject line (not case-sensitive). Doing this will encrypt the attachments and place them on a secure email platform for the recipient to access.
Any time an employee sends an email to another USPS address, it is automatically encrypted and no additional action is required. However, senders must still consider the following:
n Determine whether the recipient “needs to know” the information.
n If necessary, use WinZip to minimize the file size of attachments before sending.
n Do not manually encrypt or password protect documents when sending to recipients within the USPS network.
For more guidance, see sections 3-2.3.2, Sensitive-Enhanced Information and 3-2.3.3, Sensitive Information in Handbook AS-805, Information Security.
If you suspect USPS data has been compromised, please do not attempt to fix the situation yourself. Instead, report it immediately to the CyberSecurity Operations Center (CSOC) at cybersafe@usps.gov.
For more information on how to stay cybersafe, check out the CyberSafe at USPS® websites on Blue (blue.usps.gov/cyber/) and LiteBlue (liteblue.usps.gov/cyber/), or the public-facing website at uspscybersafe.com.
— Corporate Information Security Office,
Chief Information Security Officer
and Digital Solutions, 9-28-17
