How to Send Documents Securely Over Email
What do you do when you need to send sensitive information via email?
Simply putting an attachment to your email message is easy enough to do, but so will intercepting it be for someone other than the intended recipient.
If the attachment contains sensitive or confidential information, that could lead to a serious problem.
Fortunately, there is no shortage of ways to send documents securely over the Internet.
Email, for one, is not just an easy way to send a secure document.
It can also be a secure one if you know how to send encrypted email online.
There are really three ways to ensure you’re sending docs securely over email:
- Encrypt the entire email;
- Encrypt the attachment;
- Password-protect the document.
We are going to show you all the three methods here.
Use an Online Encrypted Email Service
The first method to send sensitive information via email is to ditch the woefully unsecured Gmail, YahooMail!, Outlook or Apple Mail and replace them with a more secure online encrypted email service.
Luckily, there’s no shortage of great secure email providers online to choose from.
Without going too deep into each provider, there’s:
- CTemplar;
- Protonmail;
- Tutanota;
- Hushmail;
- Mailfence;
- Kolab Now.
And many, many others.
But how do you choose a good one?
That’s actually the big question here as you want the most secure encrypted email service you can find to send documents securely and privately online.
Here are a couple of things you need to keep an eye on when choosing an encrypted email service.
What level of encryption does the service offer?
Not all encryption is created equal, so be sure to learn to what level does the provider encrypts your email messages and attachments.
Will data at rest be encrypted?
What about server connections? Are those encrypted as well?
Do they keep logs and how long?
The lesser logs the encrypted email keeps and the shorter it does, the better. Some email services won’t keep any logs at all, so these are your best bet for sending encrypted messages and documents securely.
Do they show your IP address?
While IP geolocation won’t show your exact location, it can still reveal enough information about you, such as your Internet Service Provider (ISP) and your general location.
A really accurate GeoIP service can reveal not just your ISP, but also your latitude/longitude, region, city/town, postal code, the type of Internet connection you use (cable, dial, cellular…), and more.
On its own, this information perhaps isn’t much but combined with some other information, it reveals too much. This is why it’s important that the email provider removes your IP from the email header.
Privacy policy and terms
Reading privacy policy and terms has never been as important as since GDPR came about.
You need to know how your data will be collected, stored and used, as well as how the email provider will handle requests from the government regarding your emails.
Encrypt the Attachment
Using an encrypted email service is a very secure way to send and receive documents over the Internet, but it has one flaw.
Both the sender and the recipient must use the same standard, whether PGP or MIME.
For instance, that means that if both of you are using the same provider or one is using CTemplar and the other ProtonMail, you’re okay since both support PGP encryption.
However, if one is using, let’s say Tutanota, which doesn’t support PGP (or S/MIME), that would be a problem.
So what then?
How do you send sensitive information over the Internet then?
By encrypting the attachment itself.
And you do this by using the .zip standard.
Here you’ll have two options – 7-zip and WinZip.
These two use slightly different encryption methods. We’re not going to go too deep into it here, but in general:
- 7-zip uses AES-256 (which is the strongest AES version);
- WinZIP uses two methods – Zip 2.0 (which is the legacy encryption and not very good) and AES (which is not supported by Windows and you won’t be able to extract it one Windows machines as a result).
Whichever you choose (7-Zip or WinZip), you’ll need to download and install it on your computer before you can use it.
Once you do that, here’s how to encrypt a file using it (we’ll show you the method for 7-Zip, but it should be fairly the same for WinZip as well):
- Launch the program;
- Find the file you want to encrypt in the file manager;
- Highlight the file and click Add;
- A new window title Add to Archive will now open;
- Change the Archive Format to Zip in the drop-down menu;
- Choose the AES-256 in the Encryption Method;
- Type your password in the Enter Password text box and re-enter the password in the text box beneath it;
- Click OK.
Your file will now be encrypted, which will be indicated by an icon of a folder with a zip over it. Be sure not to send the password together with the Zip file, as they could be intercepted.
Password-Protect the File
The third option to send documents and files securely over the Internet is to password-protect the file itself.
However, according to the Helsinki-based F-Secure, 23% of email spam contains a malicious attachment.
The 5 most common (and most likely to contain something malicious) attachment types are .doc, .pdf, .xls, .zip and .7z.
The most common file type you’ll be sending (and receiving) as an attachment in an email is probably Word doc, so here’s how to protect it with a password before you do that:
- Create a Word file that you want to attach;
- Click Save As (choose a descriptive file name) from the File in the main menu;
- In the File drop-down menu, select Info;
- Click on Protect Document next by Permissions;
- Select Encrypt with Password from the pop-up menu;
- A new window will open and you’ll need to type in your password into the text field. Keep in mind that this password will be unrecoverable, so keep the password someone safe;
- Click OK and the file will now be password-protected.
All that’s left to do is send the password securely to the recipient so they know how to open it.
If you’re using Google Docs, however, keep in mind that you can’t add a password to the document or file itself. Google Docs doesn’t support that.
Instead, if you’re using Google Drive, you can upload encrypted files to it and add a password for anyone to access them using the Secure File Encryption Drive add-on.
Instead, your files and documents will be protected with your account password.
So there you go. Three secure ways to send encrypted email online. Which one of these do you feel to be the most secure?