OIS Security Bytes: Secure Email Attachments

UNC’s Office of Information Systems will be posting bite-size IT Security tips for our users. This week's update focuses on how to make certain email attachments are secure. For more information, contact your local IT Support or chat with us at help.med.unc.edu.

OIS Security Bytes: Secure Email Attachments click to enlarge Securing Attachments!

Secure Email Attachments

UNC email is considered a secure mechanism for exchanging sensitive data.

However, when opening or viewing attachments in your email, Outlook (both local and web versions) will store temporary copies of the attachment on your local hard drive, subjecting that file to unintended risk of exposure.  To reduce this risk, sensitive attachments must be encrypted before sending them through our email system.

 Below are two straightforward options for encrypting your documents.

  1. Encrypt Microsoft Office documents before attaching them to your email. Simply use a strong passphrase and communicate it (separately via phone for example) to the users that will need to access the file. Here is a link to a how-to of encrypting Office documents.
  2. If you have Symantec’s Encryption Desktop (PGP) installed, you can create Self-Decrypting Archives (SDAs) for encrypting files and sharing them with users who do not have PGP installed. Note, this option only works in Windows. You will need to create a strong passphrase and communicate it (separately via phone for example) to users who will need to access the file. Further instructions can be found here.

Other options include:

For more information regarding the best solution for you and your group, please contact your local IT Support or visit us at help.med.unc.edu.