We send an estimated 306 billion emails every day globally, personal and professional. Still, it’s not secure. Any private data, proprietary information, or sensitive documents sent are at risk. Know that email is not secure on its own.
Sending an email is convenient and quick, but when it comes to confidential data, you’re better off choosing another method of delivery, one that doesn’t have as many potential points of access for an ill-intentioned actor.
Think about the path an email travels:
- First, you write it on your PC, laptop, tablet, or phone. Then, this message data gets stored in your email program or on your mail server. As a result, a hacker who has accessed your device using malware could read it.
- The email then goes out to your email server. If that server is compromised, your data is at risk.
- Your message then travels through countless networks to reach your recipient. Still, there’s no guarantee those networks are secure, especially not if you are crafting and sending that email from a public network in an airport or at a coffee shop.
- The email then hits the recipient’s email server, then their email program, and then their device. But the same risks that arose at your end are replicated on their side of the exchange, too.
When you send an email, you lose control of the security of that communication, and potential problems abound:
- Hackers could be intercepting and reading your email.
- You can’t be sure that your recipient’s server is encrypted at all times, if at all.
- A bad actor could impersonate a server to intercept messages, and you wouldn’t know any different.
- Your recipients may save that email in their mailbox for months or even years. So down the road, if they are compromised, your email is vulnerable.
- Recipients can inadvertently forward that email to unexpected parties.
- You can’t assign permissions or password protect that email.
The Solution to Email Insecurity
Stop sending sensitive information via email. Instead, select a method that allows you to check and control who has access to that data. This method could mean uploading the information to a private portal or sending it using an encrypted file-sharing service such as OneDrive. There are also encrypted messengers such as Signal, Wire, and Wickr Me, which offer end-to-end encryption and autodelete data to cut the risk of email exposure.
If the recipient needs a username and password, send the two credentials separately. For example, you might text them the password, mail it, or call and give it to the individual directly. When using a system that sends a password email to the user, contact that individual directly. Ensure that they receive the email, log in, and change the password to something else.
A virtual private network (VPN) is another good tool for securing email. A VPN is like an online tunnel that keeps your email traffic safe. The message sent or received stays encrypted from the rest of the internet. The VPN masks your internet protocol (IP) address, too, meaning you are also protecting your original location.
Sending information online is a tricky business. Don’t put your sensitive data at risk by relying on email communications. Instead, use the solution above or a similar method to protect your private and proprietary data.