After 25 years, it should be common knowledge that email one of the least secure forms of communication imaginable. SMTP (Simple Mail Transport Protocol) uses a “store and forward” process that can leave copies of your emails scattered on servers all over the world.

So, how can you protect sensitive information sent by email? (Side note: sternly worded confidentiality notices are worthless from a legal standpoint, so why do so many attorneys include them?) To simplify the problem, I’m only going to address protecting attachments, not the text of the email itself. We need a process by which only the intended recipient of the attachment has the ability to open it. It also needs to be simple to implement for both the sender and recipient.

Protecting documents outside of email

Both Microsoft Office and Adobe Acrobat have the ability to save documents with password protection. Once the document is saved, it can be attached to a standard email and even if the email is intercepted, the attachment will be unreadable without the password. The obvious problem with this approach is that the recipient has to get the password somehow (and sending it with the attachment is rather self defeating). Sending the password in a separate email is marginally secure; delivering it by phone or text message is better.

It is also possible to password protect any file, regardless of the program in which it was created. For this you’ll need an archiving program, such as 7-Zip (Windows or Linux) or KEKA (Mac). Both the sender and recipient must have programs that can encrypt and decrypt the same file type. The programs mentioned above both use the popular 7z format.

Another option is to use a file sharing service such as Google Drive or Dropbox to store the file securely, and give access to the recipient. Send them the link in an email and they will be required to log in to access the file. The downside is that they need an account on whatever service is being used.

Protecting documents inside email

While the above methods work perfectly well, they’re not all that user friendly and require a lot of coordination between sender and recipient. It would be much better if the entire process took place inside of the sender and recipient’s email programs. Given the insecurity of email, doing this requires a different approach to delivering attachments. The attached document is uploaded to a secure server and the recipient receives a personalized link to the document, which expires after some period of time. Here’s how the SendSafely service describes the process:

Bob Encrypts Items and Uploads them to SendSafely
Before Bob uploads items for Alice, they are automatically encrypted with a secret value generated on Bob's machine. The encryption happens before the items ever leave Bob's machine. SendSafely doesn't know the secret value Bob's machine used to encrypt the items, so SendSafely cannot decrypt them.

Bob sends Alice a Secure Link
Bob's machine generates a link that includes the secret value, and Bob emails that link directly to Alice. Since Bob controls the secret value, he controls who can access the files.

Alice uses the Secure Link to Access the Items
When Alice clicks the link, SendSafely verifies her identity and sends her the encrypted items. Only she is able to re-compute the encryption key and decrypt the items.

SendSafely is a paid service with a free trial. They also have a free tier with limited features for infrequent users. Plugins are available to integrate with Outlook or Gmail, and it can also be used stand-alone with any email service.

If you’re a Gmail user, the new Gmail also includes a feature called Confidential Mode. Here’s how they describe it:

You can send messages and attachments with Gmail's confidential mode to help protect sensitive information from unauthorized access. You can use confidential mode to set an expiration date for messages or revoke access at any time. Recipients of the confidential message will have options to forward, copy, print, and download disabled.

Note that some security experts have pointed out flaws in Google’s process. However, if you understand the caveats, it’s a big improvement over regular email. Unfortunately, Confidential Mode is currently available only in consumer Gmail, not business G Suite.

If you are using any of these (or other) methods for protecting attachments, please let me know your experience. Just click reply to this message and I’ll get it.

Until next week.