recommended reading

Postal Service Prepares to Sell Email Encryption

Robert Ray/AP file photo

As reports of mail workers monitoring letters surfaced this summer, the U.S. Postal Service was applying to trademark merchandise aimed at preventing snoops -- outside the government -- from hacking online communications. The potential product line underscores the struggle agencies face in balancing privacy and national security -- all while trying to keep the government funded.

One brand name filed Sept. 6, "United States Postal Service Digital Services,” would consist of, among other things, “tamper-detection capabilities" for safeguarding electronic documents, audio and videos.

A more generic "United States Digital Services” trademark, submitted for consideration on Aug. 16, would include fax transmissions "featuring encryption and decryption."

The name also would cover "electronic mail services in the field of financial transactions,” which presumably could generate Wall Street sales for an agency that has lost $3.9 billion so far this fiscal year.

The filing proposes verifying the identities of people transmitting information -- and, vice versa, confirming intended recipients have received unadulterated information -- through a practice called "security printing.” The technique codes identification information on valuable documents and products. 

These privacy services could potentially make it harder for the Postal Service to fulfill another of its missions -- to fight mail fraud.

The New York Times in July reported: "Postal Service computers photograph the exterior of every piece of paper mail that is processed in the United States.” USPS personnel log the items so they can "retrace the path of mail" at the request of the FBI, according to the newspaper. 

As paper mail goes the way of the Pony Express, the Postal Service is looking to enter more digital media markets, including the ID industry. The agency, for example, is managing a governmentwide trial to see if citizens can securely access online services at multiple agencies without having to re-enter personal information or remember multiple passwords. 

In August, USPS officials awarded Canada-based SecureKey Technologies Inc. a $15 million one-year contract to build the "Federal Cloud Credentialing Exchange."

The network is part of a larger White House privacy initiative, called the National Strategy for Trusted Identities in Cyberspace, that is planning a worldwide online login network, where computer users can access any number of accounts using the same credentials. 

Join us at Nextgov Prime Oct. 15-16 in Washington for indepth discussions about cloud computing, data security and much more. Registration is free for federal employees.

Threatwatch Alert

Credential-stealing malware / User accounts compromised / Software vulnerability

Android Malware Infects More than 1M Phones, Adds 13,000 Devices a Day

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download
  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download

When you download a report, your information may be shared with the underwriters of that document.