I thought everyone knew that email is NOT a secure method for transferring sensitive information. Apparently not, because at Company X (where, by day, I’m the mild-mannered Draconian I.T. Overlord) one of our employees hit the roof when Accounting asked him to verify sensitive account information… via email.
Could be worse – she could have asked him over the building P.A. System.
But honestly, email is not secure. Oh, I know you’re thinking, “But Zero, I’m using https for everything! I run Tor and Disconnect through a proxy service over my neighbor’s wifi! It can’t get any more secure than that, right?”
OK, so maybe you weren’t thinking that. Maybe you weren’t even understanding that. My point is, you can add all the security you like to your computer and your internet connection, but those are just pieces of the whole problem, and small ones at that.
Trouble is, after the mail leaves your email service provider, it bounces all over the bloody interwebs in what can best be described as a worldwide game of Marco Polo crossed with Chutes and Ladders before it arrives at the recipient’s inbox. During that trip, it’s trivial for any waypoint on the internet to snoop on the data en route (called ‘sniffing’) or even make a copy to take offline and hack at later. There are programs ready-made to do this, so it doesn’t even take programming skills. (The programs are called scripts, and people who use them are called script kiddies, btw…)
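An added example (not from the original post): every server that relays a message stamps it with a Received header, so the trip described above can be read back out of the message itself. This Python sketch lists the hops in a constructed sample message and flags the ones that crossed the wire without TLS; the hostnames, addresses and function names are made up for illustration.

```python
import re
from email import message_from_string

# Constructed sample message (not real traffic); all hosts are reserved example names.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [203.0.113.9])
\tby mailstore.recipient.example with ESMTPS id c3; Tue, 02 Jun 2015 10:00:05 +0000
Received: from smtp.sender.example (smtp.sender.example [198.51.100.7])
\tby mx.recipient.example with ESMTP id b2; Tue, 02 Jun 2015 10:00:03 +0000
Received: from laptop.sender.example (laptop.sender.example [192.0.2.44])
\tby smtp.sender.example with ESMTPSA id a1; Tue, 02 Jun 2015 10:00:01 +0000
From: accounting@sender.example
To: employee@recipient.example
Subject: Please verify your account details

(body)
"""

# "with" keywords that mean the hop arrived over TLS (RFC 3848 transmission types).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}
HOP_RE = re.compile(r"\bfrom\s+(\S+).*?\bby\s+(\S+).*?\bwith\s+(\S+)", re.S | re.I)


def trace_hops(raw):
    """Return the relay hops in the order the message travelled (oldest first)."""
    msg = message_from_string(raw)
    hops = []
    # Each server prepends its own Received header, so the newest is on top.
    for value in reversed(msg.get_all("Received") or []):
        m = HOP_RE.search(value)
        if m is None:
            continue  # non-standard header; skip rather than guess
        proto = m.group(3).rstrip(";").upper()
        hops.append({"from": m.group(1), "by": m.group(2),
                     "with": proto, "tls": proto in TLS_PROTOCOLS})
    return hops


def cleartext_hops(raw):
    """Hops whose receiving server did not record a TLS connection."""
    return [h for h in trace_hops(raw) if not h["tls"]]


if __name__ == "__main__":
    for hop in trace_hops(SAMPLE):
        wire = "TLS on the wire" if hop["tls"] else "CLEARTEXT on the wire"
        # Either way, the server named in "by" handled the readable message.
        print(f'{hop["from"]} -> {hop["by"]}: {hop["with"]} ({wire})')
```

A hop marked TLS was only protected between the two servers; each server still saw the readable message, and headers written by servers you don't control can be faked.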
So I thought it would be prudent to remind everyone of the postcard analogy:
Emails Are Like Postcards
Digitaltrends.com sums it up this way:
…for the foreseeable future, Internet users cannot expect email to be secure from prying eyes or interception. Period.
And here’s what Wikipedia has to say about it:
Email has to go through potentially untrusted intermediate computers (email servers, ISPs) before reaching its destination, and there is no way to tell if it was accessed by an unauthorized entity. This is different from a letter sealed in an envelope, where by close inspection of the envelope, it might be possible to tell if someone opened it. In that sense, an email is much like a postcard whose contents are visible to everyone who handles it.
So the takeaway is: Don’t use standard email to send passwords, SSNs, credit card numbers, account numbers, birthdays, mother’s maiden names, or any other info that you wouldn’t yell out loud at the courtyard in the Mall of America.
So how can I send sensitive info?
The answer to this question is encryption, where the email is encoded before it is sent. Sounds good, right? If you encrypted the message on a postcard, you wouldn’t care who viewed it in transit. The problem is that the message needs to be decrypted at the receiving end. So it requires either sharing the encryption key with the recipient, or sharing a service which does the encryption/decryption for you. Here are some options:
Paid – Encrypted Email Services
Of course there are folks who will take your money to provide encrypted email services. HP’s SecureMail is an example. At $99 per year, it will allow you to create and send encrypted mail. But both parties need to buy into the secure mail service for it to be effective.
If just the sender has the service, the recipient will just get a notice of the email, similar to the way you receive sensitive info from financial institutions: “Please sign into the secure message server to read an IMPORTANT MESSAGE!” And that would get annoying. Also, they won’t have a copy of the email in their own email system. Furthermore, if someone sends YOU sensitive info via unencrypted email from an unsecure server… postcard. So this is only really useful if both sender and receiver use the same service. Good luck getting your agent, editor and all your beta readers to pay $99 per year for email service.
It should be obvious now why this method isn’t very popular.
If you decide to go with an encrypted mail service, make sure to pick a company you trust. Jimmy’s Kewl Encrypto-Mail Plus sounds like a bargain at only a dollar per month, but do you really trust Jimmy to keep your data safe?
Free – Encrypt Your Own Email
For the “why can’t it be free?” crowd. OpenPGP (Pretty Good Privacy) is free and effective, but the setup requires a 4-year degree in computer science and the sacrifice of several virgins. Here’s an article on how to encrypt your own email using PGP.
Speaking of painful, facebook (spit) now allows you to enter your PGP key for encrypting your facebook (spit) email. So if both the sender and receiver set it up and keep their mail within facebook (spit), it would theoretically allow secure email communication. But I personally wouldn’t trust that company to walk my cat, so good luck with this option. Encrypting your email on facebook (spit)
Password-protected file attachment (Requires Word, Excel, PowerPoint, Adobe Acrobat Std, 7-Zip or other software)
A far easier method is to put the sensitive data into a password-protected file, and attach it to the email. There are many programs that have encryption built-in:
- How to encrypt/password protect a pdf document using Adobe Acrobat Standard.
- How to encrypt Microsoft Office docs (Word, Excel and PowerPoint)
- How to encrypt ANY files using 7-zip
The question is, “are these methods really secure?” The answer is, “Mostly.” At the very least, they are much better than sending the sensitive info in an unencrypted email. Here is a discussion about the security of application-specific encryptions like the ones I’m mentioning here.
What a Pain! Seriously Zero, how can I cheaply and easily send sensitive info across the bleeping planet?
All this mucking about with encryption makes you wonder if your Steampunk Paranormal Romance manuscript is really that sensitive. But we can’t simply hand our data over to script kiddies, mobsters and the NSA. Besides, businesses are chomping at the bit for a simple and effective method of transmitting proprietary and confidential data across the planet. That means there’s money to be made, and that means it’s only a matter of time till someone solves this problem.
The good news is you do still have some options. Here are some methods of data transmission that are more secure than email and easy to use:
- Fax – The only unsecure thing about a fax is that you don’t have eyes on where it comes out in the real world. Is it going right into the hands of the recipient, or sitting in the public copy room for a week until the recipient gets back from vacation? This method is best if you coordinate the sending with the recipient. Just be sure the recipient isn’t using some kind of fax-to-email conversion service, or you just wasted your time…
- Phone – This one is still questionable: phone calls can be tapped, no doubt, and voice-to-text technology is getting better. That said, it is going to take a bit more work to actually pull off a wiretap of the cellular phone system. That’s beyond the reach of script-kiddies for now, so unless you are making plans to destroy the entire world, or doing something terribly heinous, I’d trust the security of a phone call over an email any day.
- Postal (snail mail) – Until the NSA installs X-ray vision in their spy satellites, this is still the simplest, most effective way to communicate secure information.
Hope this helps! Let me know if you can think of other methods.