Encrypt it.
I’m occasionally faced with this dilemma. Either for expediency or convenience, I want to email something I wouldn’t want to fall into anyone else’s hands.
While there are many approaches, there’s only one practical approach.
Secure communication
Email isn’t secure. If you need to send private documents, you need encryption. The most practical approach? Password-protect a zip file and share the password separately. For ongoing needs, consider Proton Mail or a secure app like Signal.
Secure email
Email is fundamentally not secure. I liken it to sending a postcard in the mail: anyone who gets their hands on it can see what it says.
Normally, we think about the servers and administrators who have access to our messages, but the privacy problem isn’t limited to that scenario. Anything from a typo in an email address to a misconfiguration in an email server can cause email to be delivered to the wrong recipient.
How do you protect yourself?
Help keep it going by becoming a Patron.
Encrypt the data
The only certain way to protect your information is to use encryption.
On the surface, it sounds simple, and conceptually, it is: you encrypt the data so only the recipient can decrypt and view it.
In practice, however, encryption ranges from complex to cumbersome. You can encrypt the email, encrypt the document and attach it, use an encrypted email platform, or bypass email and use other, more secure technologies.
Encrypted email
There are a couple of standards for encrypted email. There are two problems with them:
- You and your recipient must both use the same standard1.
- You and your recipient must set up appropriate encryption keys in advance. Typically, this means creating or obtaining a public/private key pair, or encryption certificates, and installing them appropriately.
There’s actually a third problem: not all email programs or online interfaces support these standards.
It’s complex enough that I don’t suggest this approach for most users.
Encrypted attachments
The more practical approach is to encrypt the document using a common standard, and then send the encrypted document as an attachment to your email.
The common standard I’d recommend would be Zip. While technically a compression and archiving tool, the Zip format includes the ability to password-protect a .zip file. In this case, password protection means the contents of the file are encrypted. I’d use a tool like 7-Zip to perform the encryption, selecting the standard .zip format for maximum compatibility. Compatible zip (or more correctly, unzipping) programs are available on almost every platform imaginable.
All you need to do is share the password via some other channel with your recipient so they’ll be able to decrypt the attachment when it arrives. Ideally, you’d use technology other than email, such as a text, chat/instant message app, voice, or even in-person.
Encrypted email platforms
Proton Mail encrypts email, but there are catches.
- Mail between Proton users is encrypted by default2.
- Mail stored on Proton servers is stored encrypted.
- Mail sent to non-Proton users is not encrypted by default.
- Mail sent to non-Proton users can be encrypted with a password. In order to read the email, the recipient must visit a link pointing to the Proton servers and enter the password.
That latter approach technically isn’t email. Only a notification to access a specific page at Proton to access the message is emailed, not the sensitive content itself. The result is the same: the information, including attachments as needed, is delivered securely only to recipient(s) who know the password.
Bypass email
You could also use an alternate mechanism, such as a secure messaging app, to send your information. Tools like Signal or WhatsApp both provide end-to-end encryption and file-transfer capabilities. Both sender and receiver need to use the same tool.
This is a problem journalists face all the time. For instance, the Washington Post has several mechanisms for contacting them securely, including encrypted email, messaging tools, and more. While you and your recipient need to agree on the mechanism to be used, perhaps reading some of the solutions journalists use might spark some additional ideas for your situation.
Do this
If this is a one-time need, a password-protected Zip file is likely the best approach. If this is something you expect to do often, it might make sense to look into something like Proton to secure your email as needed, or tools like Signal for more immediate, real-time secure communication.
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I agree with Leo – encryption is the only way to ensure that a message is sent securely across the web. You should check your state’s data privacy laws because (at least in MA) any information deemed PII, MUST be encrypted when it travels across public networks. If not, you are in violation of the law. See the rules for handling PII here: http://www.gsa.gov/portal/content/104276
Encryption can certainly be difficult and confusing to do on your own – especially if you are not an IT person. You should look into an automated secure communication solution like Ziptr – http://www.ziptr.com
All good suggestions; 7-zip would be preferable to AxCrypt unless only one file is involved. I also believe the latter only uses 128-bit encryption. Should the attachment be too large for email, it could be (zipped securely first!) posted on, say, Adrive (50 GB free storage), link sent to recipient direct, password separately by other means.
Funny thing, I just uninstalled Signal, along with Facebook and Skype from my phone today. I installed Signal a while ago but with no other friends who use it, it was useless to me. If I could get everyone I know on it, I’d prefer Signal.
I was able to extend the battery life by uninstalling apps I don’t use which are constantly going on-line to check for messages and only turning on GPS location when I need to go somewhere new and only turning Bluetooth on when I need it.
I do most of my messaging on WhatsApp and FB Messenger. WhatsApp is currently the most ubiquitous messaging App with only one major drawback, you need to have a smartphone and to use their computer app, your phone needs to be connected. That’s fine 99.9% of the time but for that one person in a thousand I want to communicate with… At least that person, in my case, is a (tinfoil hat level) security fanatic and we use GPG.
Tried the .zip approach this morning. My addressee’s email system (server, client?) stripped the .zip attachment, sending a message back that the attachment was a security risk. (As a DOD contractor I can use AMRDEC. Either the sender or the receiver must have a government CAC to do so.)
One solution to the “.zip file is a security risk” problem that I’ve found works is to rename the file, changing the .zip extension to something else (I use my initials, PKW).
The recipient then changes the extension back to .zip in order to unzip it.
I’ve never had trouble sending a .zip file attachment. I wonder if the person who mentioned the problem had an executable file (.exe) included in the .zip file. I tried to get around Gmail’s blocking of sending .exe files by zipping them but it didn’t work. I got around it by sending a .rar file (a different compression method) but I imagine many people don’t know how to decompress those. The free 7-zip file archiving utility opens them.
Some corporations filter attachments for that reason as well. One thing to try is to rename the file to something other than “.zip” prior to attaching it. Say to “.leo”. Then if it makes it through tell the recipient to rename it back to “.zip” when they get it. Not all filters will let this pass, but some do.
I’ve used a Pwd protected PDF at times to do this. I’m not sure how PDF encryption compares with these other suggestions. Also, I have used the MS Office encryption sometimes to pwd protect a spreadsheet, but I’ve heard that this method isn’t very secure.
It’s reasonable if you just want to deter the casual snooper. $50 to $100 will get you a number of programs that claim to break the encryption of a pdf document. Encrypting the document to require a password to open the file is stronger protection than encryption to limit modifications to a pdf.
I receive a number of statements fro South African financial institutions that are pdf documents & require a password to encrypt.
I guess the normal password rules apply. Make it random, diverse and long.
I once had an Excel file which required a password to edit. There was a bug I needed to fix so I downloaded a free utility and it cracked the password in seconds. They may have improved, but I’d only use the built in encryption to keep the good people honest.
Both have gotten better over the years. Personally for maximal security I prefer using a tool for which encryption was baked in from day one.
This may not be a great option for one-up transfers, but to share files from Winnipeg with my son in the UK I use the free version of Resilio Sync. This program is based on bittorrent technology (it was formerly called BitTorrent Sync) but does not use a third party server as an intermediary. Once a share is set up between two (or more) computers, any files added/removed/modified in the shared folder are replicated to the other machines in the share group. Files are encrypted before leaving the host computer and decrypted when they are received. The transmission path is always the shortest possible path between the shared folders. There are no limits to the file size like there would be with email or online repositories like SpiderOak or DropBox. And if a connection gets interrupted for any reason, synching is resumed when the connection is re-established.
As a bonus, small changes to large files a replicated quickly as only changed portions need be resent.
I’ve used BitTorrent Sync as well as another tool that’s similar. It’s nice technology.
Firefox Send is an interesting option. A bit like Snapchat for sending documents. They are encrypted and self destruct after the first download.
If your concern is just emails between yourself and one or two specific people, then consider having the three of you set up ProtonMail mail accounts, for your conversations.
ProtonMail can send and receive messages from other mail programs, but those coming in are encrypted only when they enter the ProtonMail “universe” (as you would expect). However ProtonMail-to-ProtonMail messages are end-to-end encrypted
What are the collective thoughts on not actually sending the documents attached to the email……e.g. upload the docs to a G-drive folder, send the recipient the link to that folder for them to download themselves, then delete the folder as soon as you know they have them safely?
When you say the G drive folder, if you mean a Dropbox, OneDrive or GoogleDrive folder, then yes. That would bypass any overly aggressive filters. If you do that, you can even send a self-extracting (.exe) zip file which many email service providers block.
Yes sorry I did mean Google drive.