We have talked a lot about how essential it is to protect your data to avoid losing it in previous blogs. But what about making sure you are the only ones with access to it? We all have to send emails with extra sensitive information sometimes that we do not want anyone other than the receiver to see, but some emails are more sensitive than others. In some cases, the wrong people accessing an email can mean a high cost to your business.
Whether it is payslips, pension information, company finances, or banking information, emails containing financial details may need extra protection. You don’t want competitors or employees knowing more than they should, you don’t want criminals getting hold of information that they could use to defraud you, and you don’t want to be responsible for letting your customers’ financial information get stolen. This is particularly important if you are regulated by the FCA, where you could be fined for not protecting your customers’ financial information thoroughly enough – and that is on top of the cost of the bad reputation you could end up with!
Legal issues are also often extremely confidential. You may even have signed Non-Disclosure Agreements (NDAs) which increasingly include involuntary disclosures (including if you are hacked) where you could be in breach of contract and face financial penalties. Solicitors and legal departments often deal with particularly private data that should have an extra level of protection.
If you handle personal data, including staff and customer information, you are bound by GDPR. This is anything that can be linked directly to an individual, so their name, date of birth, contact details etc. Almost all businesses have to handle some personal data. Sometimes some of this data may have to be emailed, for example, employee information that payroll needs or customer data for a campaign a marketing agency is running for you. Whether deliberate or not, any personal data breach must be reported to the ICO (Information Commissioner’s Office) and they fine companies for the worst breaches. Again, that is on top of the cost of a bad reputation.
Keeping all confidential information in a file and then password protecting it does limit the risk. However, this requires several steps, and sometimes it’s a lot more convenient to have the information in the email itself.
A third-party encryption tool with an Outlook plugin makes email encryption very easy. It is also the most secure way of protecting both the email AND attachments. You can use an encryption key if the recipient also uses the same tool or a password.