<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=111591952803728&amp;ev=PageView&amp;noscript=1">
Skip to content
Our difference

We are on a mission to deliver innovative business transforming technology solutions that exceed our customers’ expectations.
 

Our culture

Our values guide us in everything we do and help shape our culture and customer approach. Find out more about our values and meet some of our team.
 

Our Microsoft Partnership

As a Microsoft Solutions Partner, we’ve been at the centre of the revolutionary changes that technology has brought to every aspect of life and we continue to stand by their side at the centre of tomorrow’s digital transformations.

Microsoft Solutions Partner

Our partners

We have successfully built relationships with multiple partners that prepare businesses for the future.
 

Carbon management

We understand our environmental responsibilities as a UK business and IT Managed Service Provider, and we understand how important it is for our customers to partner with responsible providers.
 

Careers

Our team is made up of a diverse group of people from all around the world, and we all have one thing in common: we’re passionate about providing our customers with outstanding solutions.

Thinking of selling your IT business?

Core is a well funded Microsoft Solutions Partner with a 30 year history of being at the heart of control in IT.

We are supported by our bankers and have funds available for strategic business acquisitions. Together with our successful acquisition track record and a commitment to making deals happen, now is the perfect time to talk to us if you are considering selling your IT business.

If you are interested in discussing a potential exit of your IT business, please complete the form on the right. All correspondence will be treated in the strictest of confidence and a mutual non-disclosure agreement will be exchanged prior to any discussions taking place.

Interactive Microsoft workshops

Our workshops are designed to help you realise the value of Microsoft technologies in your business, gain real value from your investment and transform the way you work.

The workshops are a collaborative and immersive experience; our experts will work with you to identify your business objectives and establish the Microsoft technologies to help you achieve them.
 

Request a workshop

Our range of workshops covers every aspect of the modern workplace including productivity, collaboration, identity, security and compliance and communication, with interactive and engaging sessions that bring the art of the possible to life.

Download our workshop guide

Read more about the interactive workshops we offer, and how they can benefit your business by downloading our guide.

MCI Workshop Introduction

Managed Services

Discover why Core is the first choice for many organisations looking to add flexibility, efficiency, and expertise to their teams.

Cloud Technology

From Microsoft’s leading platforms to bespoke cloud solutions, Core’s range of cloud technology solutions covers everything the modern workplace needs.

Professional Services

Whichever challenges you face on your digital journey, Core's professional services team has a solution to help, from IT Project Management to our innovative Smart Services.

Public Sector

Certified secure solution for the public sector, providing a reliable, flexible, secure and affordable IT solution.

Commercial Sector

Certified commercial sector solutions, covering all your commercial needs from financial and legal services, through to manufacturing.

Download our Frontline Workers white paper

Learn how technology can help to balance productivity with wellbeing for Frontline Workers.

White paper: How technology is revolutionising the health and productivity of frontline workers


Why customers choose us

Since we were founded in 1990 and started our Microsoft journey, we have supported over 10,000 customers on their communications and collaboration projects, and with the introduction of Microsoft's cloud technology, have grown our capabilities significantly across Microsoft 365 and Azure.

What sets us apart is a talented and passionate team who truly love what they do, demonstrating boundless enthusiasm and dedication in every single project.
 

logo-menu-david-lloyd

"It was apparent from day one that Core had a depth of knowledge in Microsoft 365, which we simply hadn’t found anywhere else."

Greater London Authority

"Core has a lot of experience working with the public sector, which was definitely a benefit."

Angel Trains

"There’s such a good working relationship with Core, it’s like having another permanent person in our organisation."

Talbot

"We had a really good, down to earth relationship with a few of the guys, and they know what they are doing."

Read our latest blog articles

Harnessing Evergreen IT Services for Strategic Advantage



Maximising Savings on Azure with Core’s Gain-Share Offer
Future-Proofing Your Business: The Perils of Rushing into Copilot for Microsoft 365



AI for All: How Microsoft's Latest Update on Copilot Opens Doors for all Businesses
The Core knowledge hub

Stay up-to-date with the latest insights, trends, and discussions from Core's team of subject matter experts through our blog topics and news articles.


Lucy WrightNov 2, 2018 1:53:49 PM4 min read

Government email: steps to securing

The government has announced that all government bodies using GCSX email addresses need to replace these with a government domain like gov.uk, gov.scot or gov.wales by March 2019.

They have created a blueprint which outlines how every government organisation should secure their email in future, so that information is sent securely between departments. This will be done primarily through encryption and anti-spoofing.

Encryption methods for government email

Encryption mitigates threats to email security and protects the data contained within the email. Government encryption is achieved through a process called transport layer security (TLS).

Transport layer security (TLS)

For cloud or internet-based email service, encryption is done through Transport Layer Security (TLS). It is a process of encryption which protects data while it is in transit between two computers.

The two computers ‘agree’ to encrypt the data being sent in a way that they can both understand. If it is not encrypted in a recognised way, the recipient computer can ‘refuse’ to connect.

Establishing how the data will be encrypted happens in an email exchange. The sending server ‘asks’ the receiving server to accept a TLS connection, and shares a list of protocols for the recipient to choose from. The receiving server then sends back their chosen security certificate and public encryption key.

The sending server then confirms the security certificate, encrypts the email using the public key and sends it to the recipient. The recipient has the private key to decrypt the email. The message is sent totally securely and only the recipient can decrypt it.

This is a vital step in securing email.

If an encrypted connection can’t be established, in most cases the email will be sent unencrypted. But for government bodies, this isn’t appropriate. Both parties should insist that a TLS connection is used. Here's a diagram showing how TLS works:

 

Securing government email

Anti-spoofing

Anti-spoofing is another element of email security which makes sure emails come from the place they say they are coming from. It does this through a few processes: DMARC, SPF and DKIM/.

Sender policy framework (SPF)

Sender policy framework validates the domain an email was sent from. It does this by listing valid sending IP addresses or domains in the DNS record. The recipient can then check if an email came from a valid IP or domain. If it didn’t it can be marked as spam.

Securing government email

Create and manage DKIM

DKIM stands for Domain Keys Identified Mail. DKIM verifies the domain an email came from and shows an email hasn’t been tampered with in transit. With DKIM, the recipient can filter out any emails that fail the DKIM check, which ensures any email they receive is safe to open.

To do this, DKIM uses both public and private keys.

Any email service that doesn’t check for DKIM signatures will let through every email.

Organisations can create a rule that users must look for messages that fail the DKIM check and mark any that do as spam. Any email service that doesn’t check for DKIM signatures will let through every email.

 

Domain-based Message Authentication, Reporting and Conformance (DMARC)

Phishing is a common way for cyber criminals to target individuals and organisations and can lead to sensitive information being compromised. DMARC can help prevent this by verifying where emails came from, and whether the location is genuine.

DMARC is an email standard that checks that emails came from the place they claim to. It does this using the sender policy framework (SPF) and DKIM discussed earlier.

DMARC helps organisations to:

  • Protect their staff and customers from cyber crime
  • Reduce costs associated with email fraud
  • Improve trust in the emails that the organisation sends
  • Monitor fraudulent use of their domains

Firstly, the SPF check confirms that the email came from a valid server, then it checks whether it was legitimately signed (the DKIM digital signature). DMARC also tells recipients what to do if an inbound email fails the DMARC checks and asks email services to send reports of where the email came from.

Some government organisations that use Office 365 are even going beyond the steps outlined above, and are adopting the E5 services such as ATP and safelinks, which provides an additional layer of protection.

Communicating changes to your organisation

It might be helpful to the people in your organisation if you communicate the changes that have been made. You can explain that this is a standard agreed across central government. Organisations who have implemented the changes are considered secure, so it is a positive move.

Core works with local and central government bodies and can help you secure your email to Official - Sensitive level. We have significant experience in helping customers implement the solutions outlined above, so contact us for a chat if this could help your organisation .

 

avatar

Lucy Wright

My name is Lucy and this is my author bio.