The best ways to send sensitive documents via Email

In general, anything you send via e-mail is plainly viewable by any mail server that handles the message all along the way (and any individuals that have access to those servers), so sending a regular message with sensitive information is not recommended.

When you send an e-mail message, you have no control over who handles the message, how many copies are stored along the way and how long those messages get stored on mail systems along the way.

Depending upon how and where you send the message, there may be 3 or 4 different mail servers that take part in delivering the message.

Some mail services like Gmail and Yahoo automatically encrypt the transmissions (https:) between you and their servers, but once it goes to another mail server that does not, your message is back to being in plain view.

If you use Gmail and your recipient uses Gmail, Google keeps your messages encrypted the entire way as it moves from your machine through its various systems and data centers, but it creates another point of exposure.

If your email account ever gets compromised, all of those sensitive messages and attachments would be a treasure trove for a hacker.  If you’re going to be realistic about security, it’s much more likely that your account will be compromised than it is to have your message randomly read by a third party.

If a hacker compromises your email account, all he has to do is scan your sent messages for every sensitive document that you’ve ever sent in one place, so that’s another reason to avoid sending sensitive information and documents via e-mail.

If you’ve already sent a lot of sensitive information via your e-mail account, you might want to take a few minutes to scan through and delete those messages to avoid this scenario.

There are a host of methods for encrypting your e-mail messages using the PGP (Pretty Good Privacy) protocol at http://www.pgpi.org but for most people, it’s too technical and is better suited to those that need to exchange information on a regular basis.

If you only need to send something securely to a person one time, finding a less technical and more convenient method of getting the information to them makes more sense.

If you both still have old-school, non-computerized fax machines, that certainly keeps your information off the unsecured Internet, but be careful with e-mail based fax services as you’re right back in the same boat again.

If you both have an account on Google Drive (http://google.com/drive ), DropBox https://www.dropbox.com or any other of the numerous file sharing services, you can share the document instead of sending it via e-mail.

If you don’t know what the receiving party has or you have never used a file sharing service, you can look to web service such as https://www.sendinc.com to get the job done.

With Sendinc, there’s nothing to download, install or setup and the basic service is free.  It allows you to send up to 20 encrypted messages a day with a maximum size of 10Mbs.

All messages are sent to your recipient using military grade security and the free service will automatically delete the message after 7 days.

If you want more control over when the message gets deleted or you send a large volume of sensitive documents and messages, their Pro account costs $5 per month and increases your sends to 200 per month and up to 100Mbs in size.

Print this article Back to Top

Comments