We are now opening “whistleblower” servers in Finland

- SCAB - > Blog > Cybersecurity > We are now opening “whistleblower” servers in Finland
Visselblåsare

On request, we are now opening new servers for the whistleblower service also in Finland, which you can choose at no extra cost in our E2EE Form BASIC package.

As we told in a previous post, among other things, all employers with at least 50 employees must create a system where so-called whistleblowers can safely report irregularities in the business in a safe way, without risking retaliation.

By 17 September 2021, all EU Member States must have implemented legislation for this. If your company/organization does not yet create such a channel, it is high time to address this now!

It does not have to be expensive or complicated at all. Unlike other systems that offer this service and that are primarily aimed at large organizations, often with thousands of employees, our ANON::form solution is developed with the goal of creating as easy-to-use and affordable a system as possible that meets all requirements, but is adapted to the needs of the smaller businesses.

This is how it works:

  1. One person fills in and submits your ANON::form form. All form data is already encrypted in the browser and sent as a secure and untraceable e-mail message, nothing is saved in the computer or browser.
  2. The recipient (you or for example an external lawyer) has an E2EE e-mail account, with an external supplier or as part of your own e-mail solution, which receives the form data and decrypts everything in your e-mail client.
  3. The person who receives the message begins the process that has been created in advance for the current form. Own internal tools are used for this, so sensitive info should preferably not be handled in an internet online system where everything from hackers to system personnel or clumsy authorities can access your data.

To make it as easy as possible for you, we have created the basic package E2EE Form BASIC where we have collected the most important things, this is included in the package:

  1. Six different forms, a standard contact form and a small and a large whistleblower form, stand-alone or embedded in existing websites (including WordPress and Drupal). Feel free to look at our demo of the stand-alone forms. The embedded forms are exactly the same but lack the part above the form itself, for example like this.
  2. You use your own logo and have the opportunity to customize the look with your own CSS. We can help with this if needed (not included in the package price), or you fix it yourself, you get a template from us.
  3. The forms are built with a language library and in the package have support for Swedish, Finnish and English which are activated as desired (one or more optional). You can add other languages, you can translate yourself or we will help (not included in the package price).
  4. In the large whistleblower form, you can have more than one recipient, which is recommended in a small business where, for example, there is only one person with HR or personnel responsibilities. We can create several free E2EE email accounts if they are to be personal, or a complete E2EE solution for your organization (see point 9).
  5. Choose one of four different domains; secure.ax, sec.contact, secform.se or turvaisa.fi. The address of the form is a combination of your account ID and the domain, for example our stand-alone contact form is available at the URL “https://scab.secure.ax“. If you want to use more than one of the domains with your customer ID, that’s fine (not included in the package price).
  6. Certificate from Buypass or LetsEncrypt included (always https). You can also buy another certificate from any issuer through us if for some reason you do not want to use a Buypass or LetsEncrypt’s certificate (not included in the package price).
  7. Two different server locations are offered today in the basic package; in Finland (new!) or Germany. All our servers, regardless of supplier, are built with the same high demands on security and protection against traceability. If servers in new countries appear later in the base package, you can switch to a server in the newly added country for a one-time cost if that country suits you better.
  8. A free E2EE protected mailbox to receive messages from the forms. If you would rather use your own solution to receive E2EE encrypted messages, this is fine, but it must support PGP. We have various interesting options (eg with support for Outlook, Thunderbird or Apple Mail), for secure E2EE e-mail from an external provider if you need help with this (not included in the package price).
  9. Costs.
    1. Our basic package has a one-time installation/setup cost and a continuous subscription cost for the operation of the service, which we charge in advance, against invoice. See current prices here, the terms can be found here.
    2. If an external supplier is used as receipt of form data from us, we charge for the work of setting up that service if it is not included in any of our packages or offers. You then pay any subscription costs directly to the supplier according to their price list and terms etc.
    3. All extra costs for our work that are not included in our packages are charged as consulting jobs according to our current price list.

It is very easy to get started with our basic package and there are good opportunities to adapt to different needs. If the basic package is not enough, we can of course create completely tailor-made solutions; eg own server in any country, own domain, special high-security forms for other needs.

This is the technical part of your solution. We are also happy to help create the process that belongs to the whistleblower form, as a consulting job. Get in touch and book a digital meeting for a discussion about your special wishes and needs.