Encrypted Email Attachments

Why?

The LETU Data Classification Policy (Policy 6.2 in the LETU Policy Handbook) details the need to keep Confidential and Sensitive Information (CSI) protected. Specifically, Restricted and Confidential data (as defined by the policy) should be encrypted. Email is a convenient way to move business back and forth. However, email is also the digital medium that is most vulnerable and at greatest risk for compromise. The preferred way to send and receive CSI is to use dedicated TLS-based web systems or APIs designed by vendors and partners for purposes of securely collecting and storing such information.

Using email even when encrypted is not a preferred way of handling secured data and is specifically prohibited unless the instructions below are followed, no better option is available and all use is consistent with guidance in LETU Policy 6.2: Data Classification. 

 

The preferred method for sending encrypted email is documented here. however the instructions below may be useful in further securing individual attachments to secure email.

How?

First step: Create an Office Document (Word, Excel, etc.)

Using Microsoft Office, put the needed information (CSI) into an Office Document. Many times, an organization requesting credit card number, social security information classified as restricted or confidential. These request come in the form of a Word or Excel document. 

Encrypt a Microsoft Office document (instructions for 2016):

  1. Open a document. Click the File tab on the menu bar.
     
  2. Select the Info Tab. Then click Protect DocumentEncrypt with Password
     Encrypt with Password
     
  3. Type a password in the Encrypted Document box, and click OK. Re-enter the password in the confirm Password dialog, and click OK.
    Type in password
     
  4. Click Save to save your changes
    click Save

 

Second step: email the document and communicate the password separately

Now that you have an encrypted document, you can email that document to the person requesting the CSI. Be sure and DO NOT email the password. You can text the password or call the person/organization and give them the password.

Print Article

Details

Article ID: 123654
Created
Tue 1/5/21 8:22 AM
Modified
Mon 10/11/21 11:55 AM