I’m occasionally faced with this same dilemma. Either for expediency or convenience, I want to email something I wouldn’t want to fall into the hands of anyone else.
While there are many approaches, there’s really only one pragmatic approach.
Secure email
Email is a fundamentally insecure medium. I liken it to sending a postcard in the mail: anyone who gets their hands on it can see what it says.
Normally, we think about the servers and administrators who might have access to our messages as they make their way from our inboxes to those of our recipients, but the problem isn’t limited to that scenario. Anything from a typo in an email address to a misconfiguration in an email server can cause email to be delivered to the wrong recipient.
How do you protect yourself?
Encrypt the data
The only really sure way of being protected is to use encryption.
On the surface it sounds very simple, and conceptually it is: you encrypt the data in some way such that only the recipient can decrypt and view it.
In practice, however, encryption ranges from complex to cumbersome.
Encrypted email
There are a couple of standards for encrypted email. There are two problems:
- You and your recipient must use the same standard.
- You and your recipient must set up appropriate encryption keys in advance. Typically, this means creating or obtaining a public/private key pair and installing them appropriately.
There’s actually a third problem: not all email program interfaces support these standards.
It’s complex enough that I can’t really suggest this as an approach for most users.
Encrypted attachments
The more pragmatic approach is somewhat more cumbersome: encrypt the document prior to sending it, using a ubiquitous standard, and then send the encrypted document as an attachment to your email.
The “ubiquitous standard” I’d recommend would be Zip. While technically a compression and archiving tool, Zip format includes the ability to password-protect a .zip file. In this case, password protection means the contents of the file are encrypted. I’d recommend using a tool like 7-Zip to perform the encryption, making sure to select standard “.zip” format for maximum compatibility. Compatible zip (or more correctly, unzipping) programs are available on almost every platform imaginable.
All you need do is share the password via some other channel with your recipient, so they’ll be able to decrypt the attachment when it arrives.
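As an added example (not part of the original article), this Python check reads a .zip's headers without the password and reports whether each entry is unencrypted, protected with legacy ZipCrypto, or protected with AES. The file names and the header-patched sample archive are constructed for illustration.

```python
import io
import struct
import zipfile

AES_METHOD, AES_EXTRA_ID = 99, 0x9901   # WinZip AES markers in zip headers
AES_BITS = {1: 128, 2: 192, 3: 256}     # strength byte -> key size

def aes_strength(extra):
    """Key size from the 0x9901 extra field, or None when the field is absent."""
    pos = 0
    while pos + 4 <= len(extra):
        header_id, size = struct.unpack_from("<HH", extra, pos)
        if header_id == AES_EXTRA_ID and size >= 7:
            return AES_BITS.get(extra[pos + 8])  # follows version and "AE"
        pos += 4 + size

def audit_zip(data):
    """(name, protection) per entry, read without a password: names stay visible."""
    report = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            bits = aes_strength(info.extra)
            if not info.flag_bits & 0x1:          # bit 0 clear: not encrypted
                status = "NOT ENCRYPTED"
            elif info.compress_type == AES_METHOD:
                status = f"AES-{bits or '?'}"
            else:
                status = "ZipCrypto (legacy)"
            report.append((info.filename, status))
    return report

def build_sample():
    """Constructed archive; headers patched to mimic plain, ZipCrypto and AES entries."""
    aes_extra = struct.pack("<HHH2sBH", AES_EXTRA_ID, 7, 2, b"AE", 3, 0)
    entries = [("cover-note.txt", b"", 0, 0), ("old-scan.pdf", b"", 1, 0),
               ("tax-return.pdf", aes_extra, 1, AES_METHOD)]
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, extra, _, _ in entries:
            zi = zipfile.ZipInfo(name)
            zi.extra = extra
            zf.writestr(zi, "dummy payload")
    raw = bytearray(buf.getvalue())
    pos = struct.unpack_from("<I", raw, raw.rfind(b"PK\x05\x06") + 16)[0]  # directory start
    for _, _, flags, method in entries:
        struct.pack_into("<HH", raw, pos + 8, flags, method)
        n, m, k = struct.unpack_from("<HHH", raw, pos + 28)
        pos += 46 + n + m + k
    return bytes(raw)
```

Run `audit_zip` on the bytes of the attachment before sending it. That it lists every file name without the password shows that a password-protected .zip hides the contents of the files, not their names.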
Bypass email
You could also use an alternate mechanism, such as a secure messaging app, to send your information. Tools like Signal or WhatsApp both provide end-to-end encryption and file-transfer capabilities. You’ll both need to use the same tool.
This is a problem journalists face all the time. As an example, the Washington Post has a number of mechanisms for contacting them securely, including encrypted email, messaging tools, and more. While you and your recipient need to agree on the mechanism to be used, perhaps reading some of the solutions journalists use might spark some additional ideas for your situation.
I agree with Leo – encryption is the only way to ensure that a message is sent securely across the web. You should check your state’s data privacy laws because (at least in MA) any information deemed PII, MUST be encrypted when it travels across public networks. If not, you are in violation of the law. See the rules for handling PII here: http://www.gsa.gov/portal/content/104276
Encryption can certainly be difficult and confusing to do on your own – especially if you are not an IT person. You should look into an automated secure communication solution like Ziptr – http://www.ziptr.com
All good suggestions; 7-zip would be preferable to AxCrypt unless only one file is involved. I also believe the latter only uses 128-bit encryption. Should the attachment be too large for email, it could be (zipped securely first!) posted on, say, Adrive (50 GB free storage), link sent to recipient direct, password separately by other means.
Funny thing, I just uninstalled Signal, along with Facebook and Skype from my phone today. I installed Signal a while ago but with no other friends who use it, it was useless to me. If I could get everyone I know on it, I’d prefer Signal.
I was able to extend the battery life by uninstalling apps I don’t use which are constantly going on-line to check for messages and only turning on GPS location when I need to go somewhere new and only turning Bluetooth on when I need it.
I do most of my messaging on WhatsApp and FB Messenger. WhatsApp is currently the most ubiquitous messaging App with only one major drawback, you need to have a smartphone and to use their computer app, your phone needs to be connected. That’s fine 99.9% of the time but for that one person in a thousand I want to communicate with… At least that person, in my case, is a (tinfoil hat level) security fanatic and we use GPG.
Tried the .zip approach this morning. My addressee’s email system (server, client?) stripped the .zip attachment, sending a message back that the attachment was a security risk. (As a DOD contractor I can use AMRDEC. Either the sender or the receiver must have a government CAC to do so.)
One solution to the “.zip file is a security risk” problem that I’ve found works is to rename the file, changing the .zip extension to something else (I use my initials, PKW).
The recipient then changes the extension back to .zip in order to unzip it.
I’ve never had trouble sending a .zip file attachment. I wonder if the person who mentioned the problem had an executable file (.exe) included in the .zip file. I tried to get around Gmail’s blocking of sending .exe files by zipping them but it didn’t work. I got around it by sending a .rar file (a different compression method) but I imagine many people don’t know how to decompress those. The free 7-zip file archiving utility opens them.
Some corporations filter attachments for that reason as well. One thing to try is to rename the file to something other than “.zip” prior to attaching it. Say to “.leo”. Then if it makes it through tell the recipient to rename it back to “.zip” when they get it. Not all filters will let this pass, but some do.
I’ve used a Pwd protected PDF at times to do this. I’m not sure how PDF encryption compares with these other suggestions. Also, I have used the MS Office encryption sometimes to pwd protect a spreadsheet, but I’ve heard that this method isn’t very secure.
It’s reasonable if you just want to deter the casual snooper. $50 to $100 will get you a number of programs that claim to break the encryption of a pdf document. Encrypting the document to require a password to open the file is stronger protection than encryption to limit modifications to a pdf.
I receive a number of statements from South African financial institutions that are pdf documents & require a password to encrypt.
I guess the normal password rules apply. Make it random, diverse and long.
I once had an Excel file which required a password to edit. There was a bug I needed to fix so I downloaded a free utility and it cracked the password in seconds. They may have improved, but I’d only use the built in encryption to keep the good people honest.
Both have gotten better over the years. Personally for maximal security I prefer using a tool for which encryption was baked in from day one.
This may not be a great option for one-up transfers, but to share files from Winnipeg with my son in the UK I use the free version of Resilio Sync. This program is based on bittorrent technology (it was formerly called BitTorrent Sync) but does not use a third party server as an intermediary. Once a share is set up between two (or more) computers, any files added/removed/modified in the shared folder are replicated to the other machines in the share group. Files are encrypted before leaving the host computer and decrypted when they are received. The transmission path is always the shortest possible path between the shared folders. There are no limits to the file size like there would be with email or online repositories like SpiderOak or DropBox. And if a connection gets interrupted for any reason, synching is resumed when the connection is re-established.
As a bonus, small changes to large files are replicated quickly as only changed portions need be resent.
I’ve used BitTorrent Sync as well as another tool that’s similar. It’s nice technology.
Firefox Send is an interesting option. A bit like Snapchat for sending documents. They are encrypted and self destruct after the first download.
If your concern is just emails between yourself and one or two specific people, then consider having the three of you set up ProtonMail mail accounts, for your conversations.
ProtonMail can send and receive messages from other mail programs, but those coming in are encrypted only when they enter the ProtonMail “universe” (as you would expect). However ProtonMail-to-ProtonMail messages are end-to-end encrypted.
What are the collective thoughts on not actually sending the documents attached to the email……e.g. upload the docs to a G-drive folder, send the recipient the link to that folder for them to download themselves, then delete the folder as soon as you know they have them safely?
When you say the G drive folder, if you mean a Dropbox, OneDrive or GoogleDrive folder, then yes. That would bypass any overly aggressive filters. If you do that, you can even send a self-extracting (.exe) zip file which many email service providers block.
Yes sorry I did mean Google drive.