REMOTE SUPPORT
SUPPORT
Recently I had a charitable organization ask me for some paperwork via email. As part of this, they requested some tax information, including my social security number. This got me thinking.
Sensitive information, including your SSN, should never be sent via email without encryption. It’s important to remember that email is NOT encrypted and NOT secure. It can’t be, because it’s universal — any email provider can send email to any other provider, without any worry about the person on the other end being able to open the message.
So, how do you send sensitive information via email? There are three ways to do this securely.
- Encrypt the attachment prior to sending. This can be done with an encrypted PDF, or any number of other standards. The key here is to provide the password to the recipient in some way that it isn’t known to someone intercepting the email message. Don’t put the password in the email, and don’t send a second email with the password. You can call the person, text them, mail a post card, or even make the password something you both know.
- Share the file via a file sharing system. I’ll use Google Drive as an example. You can share files with anyone via Google Drive. If you share the file via an email address, the recipient has to be logged in to retrieve that file. This method avoids sending the file via email all together, and instead sends a link which can only be opened by the recipient.
- Use a 3rd party “secure email” system. There are tons of these, and they’re all fine. You’ll pay for this option, so check with your IT provider for assistance.
Identity theft is no joke. Taking simple precautions, such as not sending sensitive information via email without protection can keep you and your customers safe.