How to Safely Send Sensitive Files
Posted 13 Apr 2015 by Natalie LeBlanc
With tax season in full swing, and some late or amended tax slips still arriving in your mailbox, you may be wondering how you can safely send these documents to your tax preparer. In this digital age most transactions can be performed virtually; moving documents from your desk to your accountant, tax preparer, or advisor is no exception with the rising popularity of the “scan and send” option. However, is this method secure? Are you putting your sensitive financial information at risk?
Is my email safe?
In general, simply emailing a scanned document (like a PDF or JPG file) is not entirely safe. Even if your email service has a secure connection (look for https://) there is no guarantee that the recipient has the same secure connection. When you take your (and their) Wi-Fi or internet connection into consideration there could be even more problems, especially if one or both of you are using a public, shared, or unsecured network. We have heard horror stories from clients whose emails have been hacked into, and this type of information is 100% vulnerable if the proper steps aren’t taken.
Take the basic steps first
The first thing you should remember when uploading sensitive information, or even saving it on your computer in the first place, is to remain on a secure network. Public Wi-Fi is a great utility (thanks, Starbucks!) but you certainly shouldn’t upload files over an insecure connection, to which anyone in your vicinity has access.
Second, if you have sent sensitive information via email in the past, delete it. Delete the message from your “sent” folder, permanently delete it from your “trash” or “bin”, and ask your recipient to do the same. If you use an email service (Outlook, for example) and the settings are such that Outlook cannot or will not delete the email from the email server, get in touch with your IT or admin personnel to have it deleted off the email server as well, or do it yourself if you have access. This way if someone hacks into your email after-the-fact, nothing is there! This, however, doesn’t help during the process of sending.
How to keep your files secure in transmission
The most secure way to give someone your sensitive documents is to hand them over face-to-face. Of course, this isn’t always an option for those who live hours, or countries, away. I have two recommendations for those who wish to make the best effort to secure their information as it’s sent:
- Send an encrypted, compressed file. There are many services available which allow you to encrypt files so that a password is required in order to view them. I often use 7-Zip, which gives you the ability to compress a folder full of many files to a smaller size (which is also helpful when emailing large or many documents!) and to set a password in order for a recipient to be able to extract and view the files. Of course, you shouldn’t email the password to your recipient!
- Use an encrypted file-sharing service. The most popular of these options is certainly DropBox. This service allows you to upload documents to a secure server, over an encrypted connection, for your recipient to be able to download them over their encrypted Dropbox connection. It would be important to note, however, that if you use the Dropbox App on your smartphone, the files are secure but the names of the files are not, so don’t include any sensitive information in the name of the file (Social Insurance Numbers, for example).
It’s easy to fall into the “it won’t happen to me” mentality, and the probability of identity theft through this means is pretty low, but that doesn’t mean it can’t happen. Take the proper steps to minimize your risk and you just may save yourself a big headache.