Like many organizations, the United States Postal Service® relies on third parties to support its critical business needs.
If a cyber threat were to impact any of these third parties, the Postal Service™ could also be affected. This concept is called third-party risk. By remaining vigilant, employees can help keep the USPS® network safe and secure.
In working with third parties, the CyberSafe at USPS® team suggests the following tips:
n Protect your inbox. All emails from external or non-USPS senders automatically display [EXTERNAL] in the subject line. Report any suspicious emails using the “Report to CyberSafe” Outlook button. For more information visit blue.usps.gov/cyber/protect-your-inbox.htm.
n Share only need-to-know data. Only send data to third parties with a business need for the information or when a data-handling agreement is in place.
n Send emails safely. Use #sensitive# in the subject line when sending sensitive and sensitive-enhanced information to authorized third parties. For more information visit blue.usps.gov/cyber/sensitive-external.htm.
n Securely transfer large files. If your role requires it, use Secure Large File Transfer (blue.usps.gov/cyber/slft-web-application.htm) to share large files with third parties.
n Separate for security. Plug only USPS-approved devices into the USPS network. For more information, visit blue.usps.gov/cyber/utilize-encryption.htm.
Report any suspicious activity on USPS systems, networks, or equipment to the CyberSecurity Operations Center by sending an email to CyberSafe@usps.gov or by calling 866-877-7247.
For more information on how to report suspected threats, visit the CyberSafe at USPS websites on Blue (blue.usps.gov/cyber/) and LiteBlue (liteblue.usps.gov/cyber/).
— Corporate Information Security Office,
Chief Information Security Officer
and Digital Solutions, 5-23-19