In your work and personal digital environment you will often have to deal with sensitive data: information that is classified and of utmost importance, such as passwords, API keys/secrets, personally-identifiable information, trade secrets, and classified company information. In light of cyber attacks and security breaches that are becoming quite common these days, it is important to protect and secure sensitive data, especially while it is being transmitted to other people through email. Here are some guidelines to securely send sensitive documents through email.
(Disclaimer: these guidelines are not tamper/hacker-proof, but will definitely deter hackers from easily obtaining your sensitive data)
1) Encrypt your document with a password before sending through email
a) Microsoft Office
The Microsoft Office suite (Word, Excel, PowerPoint) offers a built-in feature to encrypt documents with a password. To encrypt a document, simply:
- Go to File > Info > Protect Document > Encrypt with Password
- Type a password, then press OK. Type the password again to confirm it. Make sure to create a strong password that contains uppercase and lowercase characters, as well as numbers and symbols. If you lose or forget your password, Office won't be able to recover it for you. Be sure to keep a copy of the password in a safe place or create a strong password that you’ll remember.
- Microsoft Office will now indicate the document is protected. Each time you open the document, you will be prompted to enter your password to access its contents.
b) PDF (Adobe Acrobat)
The Adobe Acrobat PDF editor/reader offers a built-in feature to encrypt PDF documents with a password. To encrypt a document, simply:
- Open the PDF document and choose Tools > Protect > Encrypt > Encrypt with Password. If you receive a prompt, click Yes to change the security.
- Select Require a Password to Open the Document, then type the password in the corresponding field. For each keystroke, the password strength meter evaluates your password and indicates the password strength. Make sure to create a strong password that contains uppercase and lowercase characters, as well as numbers and symbols. If you lose or forget your password, Adobe won't be able to recover it for you. Be sure to keep a copy of the password in a safe place or create a strong password that you’ll remember.
- Select an Acrobat version from the Compatibility drop-down menu. Choose a version equal to or lower than the recipients’ version of Acrobat or Reader.
2) Prepare a safe link with password of encrypted document
There are various web services you can use to send a message that will self-destruct after the message viewed, or after a certain amount of time. Such services will let you type a message, which then turns into a link that you can copy-paste into an email message. You can use such a service to create safe link with the password of the previously encrypted document, and then include this link in your email message. To ensure you are using this type of method in a secure fashion, be sure to send the password alone, without accompanying information about what the password is for. Examples of services you can use are:
3) Send email safe link of password for encrypted document and attach encrypted document
For enhanced security, it is recommended to have the safe link expire after 1 view. If the recipient is not able to see the password due to an expired link, change the password of the encrypted document, create a new safe link with the updated password, and resend the newly encrypted document along with the safe link of the new password.
In an effort to supply information as quickly as possible, this article has been published prior to a formal technical review, and is subject to factual, grammatical, and various structural errors. Data may be incomplete, misordered, or incorrect.
This additional disclaimer will be removed upon formal review of this article. The standard Punchh Inc. KB Disclaimer still applies, and can be found at: https://support.punchh.com/hc/en-us/articles/360040100273-Punchh-Inc-Knowledge-Base-Disclaimer
If further assistance is required, submit a ticket to Punchh Support. (For help submitting a ticket, click here)