scope:

This document applies to all information systems and services owned, operated or supported by (or on behalf of) TfL.

The intended audience for this document includes:

• Security practitioners; particularly Cyber Security.
• Business areas and process owners that wish to (re-)assess their information exchange needs.
• Users of TfL information systems or service that wish to know which file types are blocked under TfL security policy.

Purpose

This guidance document identifies which file types, by file extension, can be downloaded onto TfL information systems from the Internet; or sent and received via TfL e-mail accounts.