Major upgrade for Safe4

2024 sees a major upgrade for Safe4

With the new year has come a major upgrade for Safe4. The highly secure information management and sharing service now has an enhanced user interface, with the ability to introduce a colour scheme of the customer’s choice.

The revamped user interface reflects a more modern and functionally rich experience for the user:

major upgrade for safe4, with document watermarking and enhanced branding

This new version of Safe4 is not just about cosmetic appearances, however. There are several significant changes to the functionality of the system…

This new version of Safe4 is not just about cosmetic appearances, however. There are several significant changes to the functionality of the system…

Documents can now be Watermarked

A highly configurable watermarking capability has been added as part of this major upgrade for Safe4. Any PDF file can show any chosen message, as well as a record of who has opened the document.

Documents in safe4 can be watermarked

This function also permits PDF files to be controlled, to help to reduce improper use of the information held in Safe4. Individual documents can be password controlled, and there are tools to support marking up PDF files, as well as preventing functions such as printing.

New user registration

New users will no longer be required to think of a username when accepting their invitation to register for Safe4. The system will apply the user’s email address as the username, simplifying the process and making it easier to remember usernames. If a user is invited to become a member of multiple vaults, they will simply have to enter a password and the system will automatically add them to the new vault.

Safe4 s hosted in the UK, on data centres accredited to ISO 27001. It complies with the Solicitors Regulation Authority guidance for cloud-based systems, and provides granular permissions, and a comprehensive audit trail and reporting capability.

If you would like more information on how the upgraded version of Safe4 can be of value to your business, please contact us. We will be delighted to assist.

MI5 warns of massive intellectual property theft

As featured on the BBC website on 18 October 2023, the head of MI5 in the United Kingdom has warned of the massive scale of intellectual property theft by Chinese agents approaching UK businesses.

Ken McCallum, the Head of MI5, speaking at Stanford University in California at a meeting of the Five Eyes alliance, has warned of the risk that penetration of UK businesses by hostile agents now presents. Read the article on the BBC website in full here.

The UK is known internationally as the source of much original thinking and innovation in product and service design. This naturally makes UK a target at many levels for unlawful penetration and theft of data. Whilst this clearly affects businesses who are generating and managing confidential information, the risk is also a major issue for universities, from which many UK startup companies originate.

The Solution?

Safe4 Information Management was set up in 2010 to provide a highly secure service to allow organisations of any size and type to share confidential information securely. The unique architecture of Safe4 allows the creation of secure vaults in the cloud to which users can be invited selectively. Granular permission and access controls ensure that sensitive information cannot be accessed by unauthorised parties. This differs radically from most other online file sharing systems, which are simply ways of sharing folders. Safe4 uses UK-only hosting in ISO 27001 accredited data centres, and sophisticated file encryption. Comprehensive audit trails and reporting facilities support business best practice and good governance. Safe4 offers a genuinely safe and secure facility for managing confidential documents and structured data.

Intellectual capital is one of the UK’s prime national assets, and should be managed in the most secure way possible. The core design of Safe4 makes this simple and affordable for any organisation, whether public or private sector, and of any scale. Safe4 is used effectively by small specialist consultancies as well as large corporates and public sector customers.

Safe4 has been adopted by a range of different organisations across many different business sectors. If you would like to learn how using Safe4 can reduce the risk of intellectual property theft, please contact us. We will be delighted to assist.

Updated look and feel for Safe4 – new upload options

As part of an ongoing process of refreshing the user interface, there is now an updated look and feel for Safe4. This is most apparent on the files and folders page, which is the most commonly used part of the system.

The screen has been redesigned to offer a clearer layout, with some of the buttons having been relocated and new icons introduced. Functionality remains the same, although an important change has been made to the way in which information can be uploaded to the system. As well as uploading files into a specific folder, Safe4 now supports the upload of complete folder structures in a single action. This includes complex sets of nested folders, with files at different levels. Safe4 will now create all of the folders and subfolders, and will position the file contents at the appropriate level.

This change in the upload process will allow new projects or data rooms to be added very quickly directly from Windows, without having to manually create subfolders and subfolders. As before, users who have access to the vault in question will receive automatic notification of all new uploads.

As always, this updated look and feel for Safe4 is accompanied by further security enhancements.

For more information on how Safe4 might be able to assist your organisation to manage and share information securely – without using email to transfer confidential documents or data – please contact us. We will be delighted to assist you.

Risk of using email for the transfer of confidential information

The risk of using email for the transfer of confidential information has been highlighted yet again. In today’s edition of The Times, the penetration of an email system with criminal intent has led to the loss of confidential information.

The Safe4 system has been designed specifically to avoid the use of email for the transfer of confidential information. The secure vault, which is at the heart of the Safe4 architecture, can be used for a wide range of different applications. In order to access the contents of a vault, users have to have been specifically invited to do so, and must authenticate themselves with username, password and 2-factor authentication. Confidential information is never transferred by email.

Safe4 follows guidance from the UK National Cyber Security Centre for matters relating to password length and strength, and is regularly penetration-tested by UK Government accredited services. Combined with comprehensive reporting and audit trails, and UK-based hosting in data centres accredited to ISO 27001, Safe4 offers a secure alternative to the use of email to transfer confidential information.

For more information on how Safe4 can assist your organisation to reduce the risk of unauthorised access to your information, please contact us.

NCSC warns of cyber threats to UK law firms

The United Kingdom National Cyber Security Centre (part of GCHQ) has warned again about the cyber threats to UK law firms. The renewed threat is largely being driven by legal practices adopting hybrid working patterns resulting from the pandemic, with staff increasingly spending more time working from home. More background is available in an article published in The Register on 26th June 2023.

Since law firms by definition handle highly confidential information, and are increasingly dealing with very large sums of cash on behalf of their clients, the opportunity for criminals to interfere with the transfer of information is enormous. In the words of NCSC, law firms are “particularly attractive targets to attackers”.

Cyber threats to UK law firms are not new – Safe4 Information Management was formed in 2010 specifically to allow organisations to exchange information with external parties without compromising the confidentiality of the information in question. Safe4 works with a number of law firms, both large and small, and has provided its secure vault-based service to legal practices across the UK. One of the key elements in the approach adopted by Safe4 is that confidential information is NEVER transferred by email. Invitations and notifications are sent by email, but users have to authenticate themselves with a username, password and optionally 2-factor authentication before any confidential information is made available.

One of the instances where this is most valuable is with the provision of bank details by clients. Using the structured data capabilities of Safe4, clients can be invited to enter their bank details into an online form, which when completed notifies the professional practitioner that the data has been provided. The practitioner, or fee-earner, will then have read-only access to this information after they have carried out the necessary authentication. The bank details can then be used for their intended purpose, and optionally transferred into other internal systems by API.

The Register article makes the point that some of the attackers are nation states, with access to very sophisticated tools. In particular, brute-force attack technologies are being used to penetrate systems by exploiting weak passwords. To mitigate this risk, Safe4 has implemented NCSC recommendations relating to password length and strength.

All of the information held in Safe4 is stored in UK-only data centres accredited to ISO 27001. Safe4 is penetration tested regularly, and is accredited under the UK Cyber Essentials scheme by Government approved organisations under the CHECK protocol.

If you would like more information on how Safe4 can help with the battle against cyber attack, please contact us. We will be delighted to assist.

Safe4 renews Cyber Essentials accreditation

Safe4 has renewed its Cyber Essentials accreditation through the IASME Consortium for the year ending August 2023. This forms an important component in the company’s internal governance and compliance programme, which also encompasses the Cyber Primed information security standard. The accreditation of Safe4 is now featured on the National Cyber Security Centre’s website.

As well as providing a class-leading level of security in the handling of customers’ information, Safe4 recognises the need for a diligent approach towards the management of its own internal activities and processes. An extensive series of information security policies has been implemented, to form the basis of a comprehensive programme of best practice measures.

The requirements for Cyber Essentials accreditation have been updated by the NCSC, and since April 2022 a different set of criteria have been applied. Safe4 has followed NCSC guidance for many years, notably in the case of password strength requirements, which allow passwords of up to 150 characters in length to be selected by users of the secure cloud-based Safe4 service.

For more information on how Safe4 can assist your organisation to manage confidential information safely and securely, please contact us. We will be delighted to assist you.

Safe4 has passed 250,000 users

During April 2022 Safe4 has reached the quarter-of-a-million user mark. The fact that Safe4 has passed 250,000 users is significant in many ways – not least because it demonstrates the stability and reliability of the system.

The principal benefit that Safe4 brings is, of course, security. Many of the users who have created accounts in Safe4 have received vital health information through their vault, and can rest assured that their confidential personal data has not been compromised by being sent using open email. The ability to offer the highest standard of protection of personal data distinguishes Safe4 from many other systems that have been used to handle the result of Covid-19 tests, for example.

Safe4 offers the same security benefit for corporate and small business users, and is now being used extensively by many professional practitioners and service providers to manage a wide range of information safely and securely.

For more information on how Safe4 can assist your organisation to reduce costs, improve compliance and enhance client service, please contact us. Safe4 utilises UK-only data centres accredited to ISO 27001, and has been designed from first principles to maximise security and confidentiality.


July 2021 – A record month for Safe4

July 2021 saw a record number of vaults being created in Safe4 in a single month. During July, 19,468 new vaults were created, bringing the total in the system to well over 165,000.

The rapid recent growth in the number if vaults is partly a result of Safe4 being used to handle highly personal health information, primarily related to Covid testing. The flexibility and security of Safe4 makes it an ideal solution to the problem of providing patients with critical medical information rapidly and safely, without risking the use of open email.

Safe4 also recorded another milestone in July, with over 150,000 users being registered in the system. These users enjoy highly secure access to information, whether for personal or business use. Safe4 stores all information in the system in UK-only data centres, accredited to ISO 27001.

If you would like more information on how Safe4 can help to improve the security of movement and storage of critical information, please contact us. We will be delighted to assist.

Safe4 passes 100,000 users

User numbers in Safe4 have been growing steadily over the years, and a significant milestone has been reached in April 2021. Safe4 now has more than 100,000 users, each of which is able to enjoy the benefits of highly secure cloud-based storage and management of confidential information.

Initial usage of Safe4 was concentrated primarily in commercial and corporate applications. Recent trends, however, have seen the system becoming increasingly used as a secure personal vault, holding information on behalf of private individuals who are clients of service providers in different sectors. These range from clients of international banks to patients of health testing and screening companies. Integration of the Safe4 vault into other business applications using the system’s restful API has provided many users with a convenient and safe facility for holding their personal information.

Full compliance with the UK Data Protection Act, following the introduction of the European GDPR in 2018, gives customers and their clients additional comfort and protection, as does the knowledge that Safe4 uses UK-only data centres accredited to ISO 27001.

For further information on how using Safe4 can potentially add value to your business, please contact us. We will be delighted to hear from you.

Screen4 partners with Safe4 for Covid-19 Testing

Screen4, one of the UK’s leading providers of health screening services, has partnered with Safe4 and S4Encrypt to help to automate the processing of Covid-19 tests purchased from its website.

As one of the world’s top drug and alcohol screening services for the travel sector, with operations in 140 locations across 40 countries, Screen4 was well placed to offer Covid-19 testing facilities when the pandemic started to have an impact in the UK. From its Barnsley, Yorkshire, premises it can process in excess of 3,000 Covid-19 tests per day, in conjunction with Oncologica, a testing laboratory based in Cambridge.

Contact began in June 2020

The first contact between S4Encrypt, Safe4 sister company, and Screen4 took place on 23 June 2020, by which time the UK was in a state of lockdown and reeling from the effects of the Coronavirus. This quickly led to technical discussions between Safe4 and the technology partners of Screen4, with the intention of integrating the process for receiving orders for Covid-19 tests with the use of the Safe4 vault as a means of delivering the test result to the end customer.

Alistair Stubbs, Safe4 CTO, came up with a solution design based on the use of the system’s existing capabilities in conjunction with a new Safe4 object type – the Event. This allowed each individual test – the Safe4 Event – to be associated with one or more customers who would each become users of the system.

How the Covid-19 testing process works

The primary requirement arose from the close association that Screen4 had built up with the travel sector, and focused on the need for pre-travel testing. Many countries had determined that before anyone would be permitted to enter from abroad, the passenger would have to provide evidence of a negative PCR test for Covid-19.

Several airlines, including TUI, Virgin Atlantic and Qantas, as well as P&O Ferries, now direct passengers buying travel tickets to the Screen4 website, where Covid-19 PCR tests can be purchased. These include both self-administered and clinician-collected tests. The Screen4 internal systems then send data to Safe4 through the API, triggering the creation of a vault and an invitation for the traveler to create a user account.

After confirmation of the test, including time and location in the case of clinician-collected tests, the user is prompted to use their vault to record the barcode on the sample vial that is used to carry the PCR swab to the laboratory in Cambridge. This unique code also captures the precise time and date of entering the barcode, essential for the calculation of the pre-flight hours for the destination country: either 48 or 72 hours. After analysis of the samples by the laboratory the test results are transferred automatically to each individual’s vault. Safe4 then notifies the traveler that the result is available and produces a PDF certificate confirming the traveler’s details and the test result, which can be shown both on departure and arrival to satisfy the requirements of the destination country.

The e-wallet and the QR Code

In addition to the certificate, which can be downloaded to a computer or a smartphone, Safe4 also creates a pass that can be added to the e-wallet on most modern phones. Both the certificate and the pass carry a QR code that, when scanned, displays a page from the secure Safe4 website allowing independent verification of the test result.

The way forward

Safe4, S4Encrypt and Screen4 are looking at enhancements of the service to include different types of test, as well as exploring the capability of the solution to capture evidence of a vaccination. This can be linked with an identity verification function that will capture a photograph of the individual, for additional validation of the traveler and the test or vaccination status. This Immunity Passport facility will help the travel industry to start to resume pre-pandemic levels of activity.

David Grouse, Managing Director of Screen4, believes that the association with S4Encrypt and the use of the Safe4 vault can help to achieve higher volumes and faster customer service. David believes that “the addition of the vault capability to deliver Covid-19 test results rapidly to our customers is helping us to streamline our operations and increase throughput, as well as bringing the result to the travelling customer more quickly and securely.”

Ben Martin, director of both Safe4 and S4Encrypt, is delighted with the progress that has been made. He feels that “working closely with Screen4 has been a very productive process for us. We are conscious of the importance of handling the Covid-19 test process as quickly and efficiently as possible, bearing in mind the health consequences for the customer and the need to get our economy functioning again quickly. Using the system as an irrefutable means of proving vaccination status in the future will also help all of us to move towards an end to the disruption that everyone has suffered during the pandemic.”

The high level of security provided by the Safe4 vault is crucial to ensure that the personal health data being handled throughout the process is managed as safely as possible. Safe4 complies fully with the UK Data Protection Act 2018, incorporating the European GDPR. All the information captured in the service is held in UK-only data centres accredited to ISO 27001.

For more information, please contact us. We will be delighted to hear from you.