From job applications to business contracts, we use email to send and receive sensitive documents on a daily basis. However, email has certain vulnerabilities, like any technology. If you receive emails, you need to make sure they’re genuine and not potential phishing or ransomware attacks. And if you send emails, especially ones that contain sensitive information, you want to make sure those messages cannot be scanned or shared without your permission.
Fortunately, there are easy ways to send and receive documents securely via private email. In this article, we look at the types of documents you can send securely over email and how you can better protect the files stored in your inbox.
What types of documents can you send over email?
No matter what email provider you use, you should be able to send documents and files as email attachments. You can send any file over email as long as it doesn’t exceed the maximum file size limit set by your email provider. Here are some popular file types and their file extensions:
- Text files (.doc, .docx, .txt)
- PDF documents (.pdf)
- Presentations (.ppt, .pptx)
- Spreadsheets (.xls, .xlsx)
- Images (.jpeg, .png, .gif)
- Sound files (.mp3, .m4a)
- Video files (.mp4, .mov, .avi)
- eBooks (.mobi, .epub)
Some documents could contain sensitive information about you, such as your address or bank account. And nearly all digital documents have metadata, which are details about the file itself, such as when and where it was created or what device was used. For example, if you sent an image as an email attachment, your email provider could easily see where and when the picture was taken.
Using the contents of your inbox, your email provider can track your online and even offline habits, allowing them to build an intimate profile of your life. This data can then be sold to third parties or used to target you with ads. For this reason, you should always ensure no one can access your documents besides you and your recipient.
Sending documents securely via email
The safest way to send a document to someone is to hand it to them personally. However, this is rarely an option, so it’s much more convenient to send documents digitally. Here are four steps you can follow to protect the integrity of your files when sending or receiving them over email.
Step 1: Practice good digital hygiene
The first line of defense to protecting the sensitive files in your inbox is practicing good digital hygiene. One of the easiest ways to do this is to use a strong and unique password or passphrase to protect your account. If you’re having trouble coming up with a strong password, you can use a password manager. A password manager generates and stores login credentials associated with online accounts, including email accounts.
Step 2: Protect your file with a strong password
Depending on the type of file you’re sending, you may be able to secure it with a password. Software such as Microsoft Office and Adobe Acrobat allows you to password protect certain documents and PDF files before sending them.
How to password protect a Microsoft Office document
To password protect a Microsoft Word document:
- Open the document you’d like to protect.
- Select File → Info → Protect Document → Encrypt with Password.
- Type a password, then retype it to confirm.
- Save the file so the password takes effect.
How to password protect a PDF document
- Open the PDF you’d like to password protect in Adobe Acrobat.
- Select Tools → Protect.
- You can either restrict file editing with a password or encrypt the entire file with a certificate or password.
- Click OK and select Save.
How to password protect a presentation in Microsoft PowerPoint
Setting a password in a presentation prevents other people from opening or modifying it. To add a password:
- Open the presentation.
- Select File → Info → Protect Presentation → Encrypt with Password.
- Enter the password, click OK, then save the file.
Once protected with a password, you can securely send your file to your recipient as an email attachment. However, this method may not work if your recipient does not have access to the same software. In this case, you should send your document as an encrypted attachment.
Step 3: Send your file as an encrypted attachment
When you encrypt an attachment, the file cannot be intercepted or accessed by anyone except your intended recipient. However, regular attachments are only protected by basic encryption, such as TLS. TLS secures an email as it moves between email providers, meaning your attachment could be accessed by a third party after it reaches your recipient’s inbox.
Additionally, a secure TLS connection requires that both you and your recipient use email providers that support TLS. If your recipient’s email provider does not support TLS, eavesdroppers could read your message and access your attachment while the email is in transit.
Pick a secure and private email provider to send your attachment
To send documents securely over email, you need to choose a trusted email provider that supports advanced encryption. The easiest way to do this is to use Proton Mail. Proton Mail automatically protects all your messages and attachments with end-to-end encryption (E2EE) and zero-access encryption. The encryption happens seamlessly in the background, giving you peace of mind that your messages and files are automatically protected.
If you send an email from your Proton Mail inbox to a recipient who does not use Proton Mail, you can still encrypt your message and attachment using the Password-protected Emails feature. With Password-protected Emails, your recipient must enter a previously agreed-upon password to open the message. You can also use the message expiration timer to ensure that the message and its attachments are automatically deleted once the timer runs out.
Step 4: Use an encrypted cloud storage solution
If the document you’re sending exceeds your email provider’s maximum file size limit, you can opt to send it using an encrypted cloud storage solution. To send your recipient the document, simply upload the file and copy and paste the download link into your email.
While there are many cloud storage solutions on the market, not all are created equal. Some file-sharing solutions, such as Dropbox, do not use end-to-end encryption to protect your files. In fact, Dropbox revealed in 2016 that it was hacked(new window), resulting in a major security breach that exposed more than 68 million users’ data and passwords on the internet. Dropbox also holds the encryption keys to your files, meaning the company can decrypt and read your sensitive documents.
Send your documents using Proton Drive
The safest way to send your documents securely is to sign up for a free Proton Drive account. Proton Drive is the latest addition to our private-by-default ecosystem and uses the same end-to-end encryption in Proton Mail to protect your files. With Proton Drive:
- Any file you upload is encrypted on your device before being stored on our servers.
- All file metadata is encrypted, including its name, file extension, thumbnail, and more.
- Nobody can access your file unless you’ve sent them a secure file-sharing link.
To share a file securely, sign in to Proton Drive and upload it. Then, create a secure, shareable link. Once you’ve shared the link with your recipient, they will be taken to a page where they can download the file or folder. The file you’ve shared remains encrypted until it reaches your recipient’s device.
You can also add a password to protect your document or set an expiration timer. This ensures you have full control over who can access your document and for how long.
At Proton, keeping your data safe is our top priority. This is why we’ve developed privacy-first services like Proton Mail and Proton Drive to help you send files securely over the internet. If you’d like to support our mission of building a better internet, consider subscribing to a paid plan.