
How to send your documents and files securely by email

Please note that this article is being drafted or rewritten and may contain imperfections. It has not yet been reviewed for final publication.

It's easy to send an email with attachments through a free email service. However, such emails are also easy to intercept before they reach your recipients. If your attachment contains sensitive or confidential information, sending it unencrypted is not safe and can cause serious problems. This article explains how to email confidential or sensitive information.

There are three ways to make sure you're emailing documents securely:

  • Encrypt the entire email.
  • Encrypt attachments.
  • Password-protect the file.

Below, we'll show you more details.

Encrypted email service

It is unsafe to use Gmail, Yahoo! Mail, Outlook or Apple Mail, which are seriously insecure. Instead, consider using a more secure online encrypted email service.

Alternative secure encrypted mail providers:

  • Liverado
  • Proton Mail
  • Tutanota
  • Hushmail
  • Mailfence
  • Kolab Now

Of course, there are many similar mail providers online.

If you want to choose the most secure encrypted email service for sending documents online securely and privately, check whether it has the following characteristics:

Use a high level of encryption

Not all encryption is created equal, so be sure to understand the provider's level of encryption for your emails and attachments:

  • End-to-end encryption (both in transit and at rest).

  • Encrypt server connections.

  • Zero access encryption.

Zero logs

The fewer logs an encrypted email service keeps, and the shorter the time it keeps them, the better. Some email services don't keep any logs, so these are your best options for securely sending encrypted messages and documents.

No IP address

While IP geolocation won't reveal your exact location, it can still reveal enough information about you. For example, your Internet Service Provider (ISP) and your approximate location.

An accurate GeoIP service not only shows your ISP. It also shows your latitude/longitude, region, city/town, zip code, and type of internet connection you use (cable, dial-up, cellular, etc.)

This information may not be much on its own, but combined with other information it can reveal a lot. That's why email providers need to remove your IP address from the emails you send.
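One way to check whether a provider strips your address is to send a test message to yourself and inspect the headers that can carry the sender's IP. The following is an added example, not part of the original article; the function names are illustrative and the sample message is constructed with documentation-range addresses.

```python
import email
import ipaddress
import re

# Constructed sample: a test message as received (RFC 5737 example addresses).
SAMPLE = """\
Received: from mx.recipient.example (203.0.113.5) by inbox.recipient.example; Mon, 1 Jan 2024 10:00:02 +0000
Received: from [198.51.100.23] (helo=laptop) by smtp.provider.example; Mon, 1 Jan 2024 10:00:01 +0000
X-Originating-IP: [198.51.100.23]
From: alice@provider.example
To: bob@recipient.example
Subject: header test

body
"""

def extract_ips(text):
    """Return every valid, non-loopback IPv4/IPv6 literal found in text."""
    ips = []
    for token in re.findall(r"[0-9A-Fa-f:.]{3,}", text):
        try:
            ip = ipaddress.ip_address(token.strip("."))
        except ValueError:
            continue            # not an address (hostname fragment, etc.)
        if not ip.is_loopback:
            ips.append(str(ip))
    return ips

def sender_ip_leaks(raw_message):
    """Map header name -> sender-side IPs exposed in a received message."""
    msg = email.message_from_string(raw_message)
    candidates = {}
    received = msg.get_all("Received", [])
    if received:
        # Each relay prepends its header, so the last one is the first hop:
        # the provider accepting the mail from the sender's own device.
        candidates["Received"] = received[-1].split(" by ")[0]
    for value in msg.get_all("X-Originating-IP", []):
        candidates["X-Originating-IP"] = value
    leaks = {name: extract_ips(text) for name, text in candidates.items()}
    return {name: ips for name, ips in leaks.items() if ips}

if __name__ == "__main__":
    print(sender_ip_leaks(SAMPLE))
```

An empty result means neither the first-hop Received header nor X-Originating-IP exposes an address; other provider-specific headers are not covered by this check.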

Privacy Policy and Terms

Since the introduction of privacy laws such as PDPA, GDPR, etc., reading privacy policies and terms has never been more important.

The service provider needs to inform you how your data is collected, stored and used, and under what circumstances it has to share your information with third parties.

Encrypted attachment

Using an encrypted email service is a very secure way to send and receive documents over the Internet, but it has a downside: both sender and recipient must use the same encryption protocol.

If the sender uses PGP, the recipient should also use PGP. For example, if you both use the same mail provider (Liverado), or the recipient uses Liverado and the sender uses ProtonMail, there is no problem, because both mailers support PGP encryption.

However, it will be a problem if the sender uses a protocol such as S/MIME, but the recipient doesn't support it.

So how do you send sensitive information over the Internet? The answer is encrypting the attachment itself.

You can do this by using the .zip standard. Here you will have two options:

  • 7-Zip

  • WinZip

The two use slightly different encryption methods, but in general 7-Zip uses AES-256 (this is the strongest version of AES).

WinZip uses two methods: Zip 2.0 (this is legacy encryption, not very good) and AES (Windows doesn't support it, so you won't be able to extract it on a Windows machine).

Whichever you choose, 7-Zip or WinZip, you need to download and install it on your computer before you can use it.

Here is how to do it with 7-Zip (the steps should be the same in WinZip):

  • Start the program.

  • Find the file you want to encrypt in the file manager.

  • Select the file and click Add.

  • A new window will open with the title Add to Archive.

  • Change Archive Format to Zip from the drop-down menu.

  • Select AES-256 in Encryption method.

  • Please enter your password in the Enter Password text box, then re-enter the password in the text box below it.

  • Click OK.

Once your files are encrypted, a zip folder icon will appear. Be sure not to send passwords with Zip files, as they may be intercepted in transit.
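To confirm that an archive produced by the steps above really carries AES-256 rather than the legacy Zip 2.0 scheme, its directory can be inspected before sending. The following is an added example, not part of the original article or of 7-Zip or WinZip; the function names are illustrative and the sample archive is constructed in memory.

```python
import io
import struct
import zipfile

AES_EXTRA_ID = 0x9901   # extra-field header ID used by WinZip-style AES
AES_METHOD = 99         # compression method value that marks an AES entry
AES_BITS = {1: 128, 2: 192, 3: 256}

def aes_strength(extra):
    """Return the AES key size from the 0x9901 extra field, or None."""
    pos = 0
    while pos + 4 <= len(extra):
        header_id, size = struct.unpack_from("<HH", extra, pos)
        data = extra[pos + 4:pos + 4 + size]
        if header_id == AES_EXTRA_ID and len(data) >= 7:
            # layout: version(2) vendor "AE"(2) strength(1) real method(2)
            return AES_BITS.get(data[4])
        pos += 4 + size
    return None

def classify(flag_bits, compress_type, extra):
    """Name the protection applied to one archive entry."""
    if not flag_bits & 0x1:             # bit 0 set = entry is encrypted
        return "unencrypted"
    if compress_type == AES_METHOD:
        bits = aes_strength(extra)
        return f"AES-{bits}" if bits else "AES (unknown strength)"
    return "ZipCrypto (Zip 2.0 legacy)"

def audit(archive):
    """Map each file entry to its protection; reads the directory only."""
    with zipfile.ZipFile(archive) as zf:
        return {i.filename: classify(i.flag_bits, i.compress_type, i.extra)
                for i in zf.infolist() if not i.is_dir()}

def ok_to_send(report):
    """True only if the archive has files and every one is AES-256."""
    return bool(report) and all(v == "AES-256" for v in report.values())

if __name__ == "__main__":
    # Constructed sample: an unencrypted archive built in memory.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("contract.docx", b"constructed sample")
    report = audit(buf)
    print(report, "ok to send:", ok_to_send(report))
```

The audit reads entry names without any password, because the ZIP format encrypts file contents but not file names.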

Password-protected files

In addition to the above two methods, you can also use passwords to protect files.

But according to F-Secure in Helsinki, 23% of spam contains malicious attachments.

The 5 most common attachment types that are most likely to contain malicious content: .doc, .pdf, .xls, .zip, and .7z.

A Word document is probably the most common type of file you'll send or receive as an attachment in an email.

Follow these steps to password-protect a Word document:

  • Create the Word file you want to attach.

  • Click Save As from File in the main menu (choose a descriptive file name).

  • In the File drop-down menu, select Info.

  • Click Protect Document next to Permissions.

  • Select Encrypt with Password from the popup menu.

  • A new window will open, and you must enter your password in the text field. Remember, this password cannot be recovered, so keep it safe.

  • Click OK, and the file will now be password protected.

Then send the password to the recipient, so they know how to open it.

Note:

  • If you're using Google Docs, you can't add a password to the document or the file itself because Google Docs doesn't support it.

  • If you're using Google Drive, you can upload encrypted files to it and add a password. Anyone can access them using the Secure File Encryption Drive plugin. Your account password will protect your files and documents.

All in all, encrypting your entire email using encrypted email is the best way to send confidential or sensitive information.


Once, now a long time ago, if you wanted to send an important document, you would do that through a postal service.

Today, the postal service is far from its heyday thanks in large part to email and file-sharing services like Google Docs, Dropbox, etc. In fact, according to one report from 2010, there were 59 million fewer visits to the post office than there were in 2009.

However, there are still people that continue to send and receive their mail the "traditional way" in 2021.

Why?

One reason is that they see the postal service as safer than email messages to send secure documents, at least paper ones.

Is this really the case or is it more secure to send such documents via an email message?

We'll try to answer the big question "what is the safest method to send sensitive documents" in this article. Postal service or email service?

Why Email Messages May Not be Safe for Sending Sensitive Documents?

First, let's answer an obvious question.

Why is email not the best way to send sensitive documents?

When we're talking about email in this context, we are talking about popular, free email services like Gmail, Yahoo or Outlook. It's true, this is not the safest way to send a sensitive document to someone.

There are a few reasons for this. The biggest is the fact that the recipient's connection may not be secure. If they are using an unencrypted HTTP connection instead of HTTPS, it's easy for a hacker to perform a man-in-the-middle (MitM) attack, spy on your communication and even commit identity theft.

What About Mail or Hand Delivery?

Mail and especially hand delivery (via courier) are still considered the two best options by many to send sensitive documents, at least when it comes to paper copies.

The fact that it's illegal in the United States and many other countries to open someone else's mail is also a good deterrent against potential criminals.

Of course, it's not all that perfect.

Sending a document via mail or by hand delivery is considered slow today. Simply put, our notions of "fast" and "slow" have changed a lot as the Internet evolved, and most people are not willing to wait two or three days to get an important file, as would be the case with the postal service.

What Email Encryption Method is the Best to Send Secure Documents to Your Recipient?

So both regular email and postal service/hand delivery have their upsides, but also some downsides that don't let us recommend them fully when you need to send a sensitive document.

With email, the problem lies mostly in the security of the network the recipient is using. If it's not encrypted, the message or data that goes through will have some security vulnerabilities.

On the other hand, postal service and hand delivery are usually slow and may often take a couple of days, plus they only work with paper documents. For electronic documents, which are used more often today, you can't use these.

However, email has an ace up its sleeve, and it's called encryption.

What is email encryption and how do encryption keys work?

Email encryption involves protecting potentially sensitive information by encrypting, or otherwise disguising the contents of email messages and attachments so that none but the intended recipient can read them.

Typically, email encryption uses PKI, or public key infrastructure to protect email messages and the data within them.

This means that email providers use a combination of a public key and a private key. The public key is used to encrypt the data (turn plaintext into ciphertext) and it's publicly available. On the other hand, the private key is used to decrypt the data. The private key should be only known to the recipient.

This is also called "asymmetric encryption" and is used in most email encryption methods, including PGP (pretty good privacy) and S/MIME (secure multipurpose internet mail extensions) encryption.

PGP and S/MIME Encryption Explained

PGP and S/MIME encryption are somewhat similar in that both use public key cryptography, but there are a few differences.

For instance, PGP is primarily designed to process plain text, while S/MIME encryption can process multimedia files other than email.

Also, PGP relies on the users exchanging their keys, while S/MIME requires a valid MIME certificate and a digital signature, which you can get from MIME certificate authorities (CA).

The biggest problem with S/MIME lies in CA and it's twofold.

On one side, you need to find a MIME certificate authority that you can trust.

On the other, your certificate will expire usually after a year. Once that happens and the certificate is lost, you won't be able to decrypt messages that you've encrypted using its key.

PGP also has some issues, mainly that it might be too complex for some users. However, there are today more and more secure email providers that use PGP by default, so you don't have to install third-party PGP software as you would with popular email services.

In both cases, PGP and S/MIME, the best security practice is to avoid using them with webmail because you need to keep the private key away from the webmail's server.

For example, Liverado encrypts all your email messages by using ECC (curve25519 or better) encryption using the OpenPGP standard on the client side. All messages are encrypted using the recipient's public key before they are sent to the server.
