1. Protection of personal data
Protime respects the privacy of the users of its website in accordance with the provisions of the applicable data protection legislation (based upon the European Directive 95/46/EU of 24 October 1995 of the European Parliament and the Council concerning the protection of natural persons in connection with the processing of personal data and concerning the free movement of these data).
When allowing the ProMobile app access to your devices camera, the images are used for barcode scanning only. None of the images are used for a different purpose, nor are they stored in the app, on your device, in the Protime software or our datacenter.
The personal data provided by the user voluntarily via the different websites are kept on a certain location (see below). Since the data are provided by the user, Protime cannot be held responsible for their contents and Protime therefore disclaims all responsibility.
You are entitled to inspect, correct and remove these data as provided for by the applicable data protection legislation. This can be done by addressing a written request with proof of your identity to Protime NV, Kontichsesteenweg 54, 2630 Aartselaar.
3. Protection of access
4. Datacenter locations
4.1 Corporate website
The personal data provided by the user voluntarily via this website are registered in the files of Protime and are kept at the address of Protime Kontichsesteenweg 54, 2630 Aartselaar.
4.2 Premium suite
The personal data provided by the user voluntarily via this website are registered in the files of Protime and are kept at the address of SD Services NV, Brouwersvliet 5, 2000 Antwerp.
4.3 Protime 360°
The personal data provided by the user voluntarily via this website are registered in the files of Protime and are kept at the address of Unitt (Combell) (EU).
5. Email security
Our state of the art email security device does several checks on incoming emails. If our email security device has dropped your mail this means that one of the following checks has failed:
5.1 Reverse DNS
Reverse DNS Lookup determines the host associated with a given IP address. If an email from somecompany.eu with a source IP address of X.X.X.X is delivered to our anti-spam security gateway, the Reverse DNS lookup feature will check the IP Address X.X.X.X is actually associated with the domain somecompany.eu. If this is not the case, it is assumed the email has been spoofed.
The owner of a domain (somecompany.eu) will publish an SPF record which will consist of all authorised senders for this domain. An email receiver can check the sender's records to see if it is associated with that domain, and when the SPF records specify this is the case, the email is accepted.
The SPF record will prove the sender is a trusted sender for that domain.
There is a difference between:
- SPF softfail
v=spf1 ip4:X.X.X.X ~all
~all means that any servers not listed in this SPF record should be treated as a "softfail", ie. mail can be allowed through but should be tagged as suspicious.
-> Protime will tag the email with a tag [SPF SOFTFAIL]
-> Protime will put the mail in the users personal SPAM Quarantine where it can be released if wanted
-> Domains which get a tag [SPF SOFTFAIL] cannot be added to personal whitelist
- SPF Hardfail
The owner of the domain can specify the SPF record for the domain like:
v=spf1 ip4:X.X.X.X -all
-all means that any senders not listed in this SPF record should be treated as a "hardfail", ie. they are unauthorised and emails from them should be discarded
-> Protime will tag the email with a tag [SPF FAIL]
-> Protime will put the mail in Quarantine where it can be checked by the Itservicedesk team
DKIM (DomainKeysIdentified Mail) is an email security standard designed to make suremessages aren’t altered in transit between the sending and recipient servers.It uses public-key cryptography to sign email with a private key as it leaves asending server. Recipient servers then use a public key published to a domain’s DNS to verify the source of the message, and that the body of the messagehasn’t changed during transit. Once the signature is verified with thepublic key by the recipient server, the message passes DKIM and is considered authentic.
The mail security will flag messages with error "DKIM: permfail body hash did not verify [final]" for every mail send by $sender" with a tag [DKIM failed]
This can be caused by several things:
>> The public key specified in the DKIM-Signature header is wrong.
>> The public key published by the sender in their DNS is wrong.
>> The body of the email was modified after it left the mailserver
>> Someone spoofed the email and signed it without having the correct private key.
>> Other causes are also possible
Anyway the emails with DKIM failed flag are "suspected" and quarantined.
The sender will have to solve this issue!
5.4 Anti-Malware - Virusscan
The Anti-Malware System combines Web Reputation Filters, a critical first layer of preventative defense against new outbreaks, with best-of-breed signature-based verdict engines to provide powerful, fully integrated anti-malware defense.
As the second layer of defense Anti-Malware System scans web content, as it is downloaded, against malware and virus signatures - eliminating the broadest range of known and emerging web-based threats. A combination multiple antivirus engines, including Sophos and McAfee, provide maximum security without compromising scalability.
5.5 AMP (Advanced Malware Protection)
AMP analyzes emails for threats hidden in malicious attachments. It gives advanced protection against spear phishing, ransomware, and other sophisticated attacks.
AMP uses a combination of file reputation and file sandboxing to identify and stop threats.
- File Reputation captures a fingerprint of each file as it traverses the Email Security gateway and sends it to AMP’s cloud-based intelligence network for a reputation verdict. Given these results, malicious files are automatically blocked
- File Sandboxing provides the ability to analyze unknown files that are traversing the Email Security gateway. A highly secure sandbox environment enables AMP to glean precise details about a file’s behavior and to combine that data with detailed human and machine analysis to determine the file’s threat level. This disposition is then fed into AMP’s cloud-based intelligence network and used to dynamically update and expand the AMP cloud data set for enhanced protection.
5.6 Outbreak filters - URL Filtering
Outbreak Filters protect our network from large-scale virus outbreaks and smaller, non-viral attacks, such as phishing scams and malware distribution, as they occur.
Global traffic patterns are used to develop rules that determine if an incoming message is safe or part of an outbreak. Messages that may be part of an outbreak are quarantined until they are determined to be safe based on updated outbreak information or new anti-virus definitions are published by Sophos and McAfee.
Outbreak Filters analyze a message’s content and search for URL links to detect this type of non-viral attack.
The reputation and category of links in messages, in conjunction with other spam-identification algorithms, to help identify spam. For example, if a link in a message belongs to a marketing web site, the message is more likely to be a marketing message.
5.7 Blackmail (SPAM)
All our incoming mails are scanned by an anti-spam engine. This engine has a very large rule base (thousands of rules) to check mails and give them an overall spam score.
If mails get a score between 50 en 90 they will get a tag [SUSPECTED SPAM].
If mails get a score between 90 en 100 they will get a tag [SPAM].
We cannot check why the overall score is what it is. Nor can we read the current score or get insight on past scores.
5.8 Graymail (SOCIAL/MARKETING/BULK)
Graymail messages are messages that do not fit the definition of spam, for example, newsletters, mailing list subscriptions, social media notifications, and so on. These messages were of use at some point in time, but have subsequently diminished in value to the point where the end user no longer wants to receive them.
The difference between graymail and spam is that the end user intentionally provided an email address at some point (for example, the end user subscribed to a newsletter on an e-commerce website or provided contact details to an organization during a conference) as opposed to spam, messages that the end user did not sign up for.
The graymail engine classifies each graymail into one of the following categories:
- Marketing Email. Advertising messages sent by professional marketing groups, for example, bulletins from Amazon.com with details about their newly launched products.
- Social Network Email. Notification messages from social networks, dating websites, forums, and so on. Examples include alerts from: LinkedIn, for jobs that you may be interested in, CNET forums, when a user responds to your post.
- Bulk Email. Advertising messages sent by unrecognized marketing groups, for example, newsletters from TechTarget, a technology media company.
5.9 Suspected Domain
When our colleagues keep receiving "clean" unwanted messages from the same domain, we classify the domain as SUSPECTED and all mail from that domain will be quarantined!
If you have further questions, please contact your Protime consultant or our helpdesk.