The principle
Email is sent "in the clear", which means that it is not encrypted and can therefore be read by anyone who sees the traffic sent over an internal network or the Internet.
Large files are often not allowed by the e-mail provider or the company server. Do you know why? It is because disk space is quickly consumed by the unlimited use of e-mail attachments and especially when "cc:" is used to send to multiple recipients.
Certain file types such as .exe or .data may not be allowed to be transferred or may be restricted, especially on corporate mail servers, as they may hide viruses or spyware.
Finally, the last reason not to send confidential information by email, in addition to the regulatory requirements, is that it is simply not secure.
So here are 4 ways to secure your attachments.
PGP
OpenPGP to encrypt the file before attaching it to an email can be used to send the file securely. This does not encrypt the content of the email body itself, only the file attached to it.
The recipient must create a public key and send it to the sender before sending the encrypted file. This key will be needed to decrypt the file. Of course, the recipient must also have Open PGP software and a minimum of IT knowledge to create such electronic keys. The sender will have to encrypt the file using the public key of that specific recipient. Finally, the recipient will have to decrypt the file with their corresponding private key.
The disadvantage of this method is that it cannot be used to send files to multiple recipients. Most users do not have the knowledge to perform this type of secure file exchange and will usually resort to other simpler but insecure methods.
Zip
Compressing the file using zip software (available free of charge) can be used to secure the file provided that it has encryption features such as AES. Once the file is zipped and a password has been assigned, it can be attached to an email and sent. The password must be sent separately. The recipient must also have software with the same encryption capabilities to decrypt and decompress the file. The disadvantage of this method is that many corporate email systems block .zip attachments for security reasons.
S/MIME
This encryption method requires that both the sender's and recipient's email systems support S/MIME communications. The sender must create a certificate and send it to the recipient. The recipient will then need to know how to import the certificate into their email client. Once the certificate is in place, a secure email can be sent, received and decrypted. The disadvantage of this method is that it is intended for people with some skill.
Secure FTP
This method does not use email to send the file. However, it encrypts the file and sends it directly over a network or the Internet using secure file transfer protocols. The sender must have a secure FTP Client installed and the recipient must have a secure FTP server installed. The recipient must set a username and password for the sender. The sender can then connect with their secure FTP Client and transmit the file.
While each of these methods certainly allows the sender to ensure that the file is secure, they do not address some of the other issues related to blocking file types and obtaining audit trails. The disadvantage of this fourth method is that it requires experts to implement it.
So what to do?
There are other solutions that combine the ease of use of email with the ability to secure both the file and the email text. These solutions are commonly referred to as 'secure mail' or 'secure managed file transfers'. If your main problem is IT knowledge, solutions are offered in SaaS. That is, they are managed by a service provider who provides the software, infrastructure and services to keep track of the company's transfers.
The operation of these solutions is simple. Secure email uses the Outlook email client and/or a web client using secure HTTPS protocols. The sender simply creates the email on their email system and then using the installed plugin, they can send their secure email.
The recipient receives the email with a link that redirects them to a secure HTTPS web page with files available for download. No additional certificates, dongles or software combinations are required for either the sender or the recipient. All files remain on the sender's secure network and there is no file size limit. A detailed and easily accessible audit log is kept to record the secure exchanges made.
home!