By default, most email is sent in plain text, meaning that anyone that intercepts an email can easily read its contents.
Yet even though there is no security on emails, unless specifically put there by a company or the user, lots of sensitive information is sent by email every day. This includes passwords, spreadsheets with customer personally identifiable information (PII), employee payroll details, confidential internal documents, and more.
41.7% of surveyed employees say they share work passwords with their colleagues. Many times, this is done via an unsecured email. Nearly 13% of employees admit to emailing their passwords to themselves to store in an email folder.
With business email being the main way that offices communicate internally and externally, you can imagine the security threat that email and other unsecured forms of messaging can pose if they’re not properly encrypted or secured.
Data security is important for compliance reasons as well as to avoid the devastating costs of a data breach.
The average cost of a data breach is $4.24 million.
Here are several important ways to safeguard PII and other sensitive and confidential information when you are sending it to someone else.
Pwpush.com has a Password Pusher that you can use to securely send passwords or text to another person.
The service is free to use and includes a secret link that you can send to the recipient. You can put two specific protections on the link:
- Days for expiration
- Views for expiration
After your designated expiration parameters, the message will no longer be viewable at the link.
The system will delete passwords once the link expires, and you can also choose an option to allow immediate deletion of the shared password or text once the recipient has retrieved it.
The site Sendinc.com is a service and Outlook add-on designed to encrypt your emails. You sign up for an account and can choose from three options, one of which is free.
Features of the free account include:
- Military-grade encryption of email
- 7-day limited message retention
- 100MB message storage
- 10MB max message size
- 20 recipients per day
If you only need to encrypt your email every once in a while, then the free option should be fine. If you want more features and recipient limits, other plans are $48/year per user.
The service notes that it is compliant with HIPAA, GLBA, SOX, and PCI-DSS.
OpenPGP Email Encryption
OpenPGP is an open-source standard for email encryption. This non-proprietary format uses public-key cryptography to encrypt data.
This one does not look to be quite as fast and user-friendly as some of the others, but it is completely free.
The company notes that this standard works with several popular mail programs, here are a few of those:
- Claws Mail
- eM Client
- Outlook: gpg4o, Gpg4win
- Post box using Enigmail
- Mac OS
- Apple Mail: GPGTools
- Canary Mail
- Postbox using Enigmail
- K-9 Mail: openKeychain
- Canary Mail
There are several others, including mail app browser plugins and Linux.
Microsoft Email Encryption
With the proper security add-on, you can use simple email encryption in Microsoft 365. This includes an encryption option that users can apply in Outlook online or the desktop application.
Email encryption in Microsoft 365 ensures that only the intended recipient can read the message. It encrypts not only the message text but also any email attachments.
Recipients do not have to be Microsoft 365 users to read encrypted emails that are sent to them.
Once enabled for an organization, users can choose encryption on an email-by-email basis. You can read more about how this encryption works here.
Virtual Private Network (VPN)
If you’re looking for a wider level of security that includes all messages or information that may be sent while online, then using a virtual private network (VPN) is a way to encrypt your entire internet connection.
VPNs are often recommended when on public Wi-Fi because they can keep your data from being vulnerable to a man-in-the-middle attack (when a hacker on the same free public network is using software to spy on user activity).
A VPN is not the same as email encryption, so it’s important to understand the difference. It’s not encrypting the email itself, but it is encrypting all traffic you send over the internet while you’re connected to it.
Looking for Better Password & Email Security? C Solutions Can Help!
C Solutions can help your Orlando area business with email and password security solutions, including exploring your options for company-wide encryption solutions and protocols.
Schedule a free consultation today! Call 407-536-8381 or reach us online.