Sharing Sensitive Documents With a Third Party
You have a document, video or audio file with sensitive information on it and you need to send a copy to a third party. What options should you consider?
Three options come to mind: email, Dropbox or flash drive.
Sending an email is basically the same thing as sending a postcard. While there are efforts one can use to change this, email remains pretty wide open. This is true and scary; anyone who wants to read your email (not just the NSA) can read your email.
Most times you can send sensitive documents through email and nothing will happen. However; you are playing Russian roulette (almost literally, given the recent theft of 1.2 billion email account credentials by a Russian gang) with the security of that transmission. Remember, the topic of this post is about sharing sensitive data with a third party.
The next logical step would encrypting the email (or files) attached in the email. Encryption is a good option and certainly more secure than sending the email without encryption. You could run into a file size limitation though. Most videos will be larger than a 20MB, which is (generally) the maximum file size one could attached in an email. Encryption is a good next step, but there is a bigger issue at hand than file size. More about that in a few.
Dropbox is next on our list of most obvious options to share sensitive data with a third party. Dropbox is a great option when you have larger files. With Dropbox you could upload those big audio or video files and provide a download link for your recipient. Dropbox doesn’t encrypt your data by default so there is some exposure there. A quick and relatively safe method to encrypt your files using Windows would be compressing the video into a zip file and assigning it a password. Encrypting the data will provide that extra layer of security. As with an encrypted email, the encrypted Dropbox alternative also has a major flaw.
Ask yourself, “Do you trust the recipient?”
Continue Reading