Whether you’re sending a confidential message to your employees or a personal note to your spouse, it’s natural to want your emails to stay private. However, the most sensitive info in an email is often stored in the attachment, not the message itself. Here’s the crucial point: typical email encryption services don’t actually encrypt your attachments—so they might not be as safe as you think.
Without file-specific protection, tax documents, business spreadsheets and even personal photos can be stolen if your message is hijacked on the way to its destination.
Likewise, even if your recipient deletes the attachment after they’ve downloaded it, there’s no guarantee that the file won’t be sitting on a mail server somewhere.
Want to have complete control over your attachments? Our quick-start guide below explains how to ensure your email attachments remain private and secure using encryption and Persistent File Protection.
Why You Need to Encrypt Email Attachments
Email providers usually only put one restriction on attachments: maximum file size (25 MB in the case of Gmail). Anything smaller than that is fair game, whether it’s an animated GIF or a multimedia PowerPoint presentation. Outside of that single restriction, there aren’t a whole lot of measures in place to protect your data—and limiting file size certainly doesn’t protect your inbox in any way.
When you hit send on an email, you should feel confident that both the content and attachment will arrive at their destination safely, without being seen by unauthorized eyes. That level of security is particularly essential for attachments, which often contain your most sensitive data, from trade secrets to personally identifiable information. And if you’re sending legally protected data like health information, you need to verify that your file-sharing practices are compliant with data protection laws.
While other email security measures—like strong passwords and 2-Step Verification—are important, they don’t do enough to provide your data with persistent protection. Only encryption, which scrambles your data so it’s unreadable without the right key, fully insulates that information from common threats like phishing attacks, malicious insiders or simple employee mistakes.
How to Encrypt Email Attachments
There are a few different ways to encrypt emails, starting from the broad network-level protection called TLS (transport layer security). Most major email providers have TLS encryption baked in, which protects your emails in transit or within the provider’s servers. However, TLS doesn’t provide complete security: emails outside the server or individual attachments aren’t protected.
The next level of protection is end-to-end encryption. This security protects your emails from point-to-point, so no matter where those emails end up, they’re still secure. When you send an attachment that is encrypted end-to-end, the file is converted into a format that is unreadable without a digital key. When the recipient clicks on the attachment, the encryption server checks to make sure you’ve given that person permission to access it. The intended recipient can then save and open the file—provided they can decrypt it. Anyone trying to intercept the file along the way, however, will be stuck with the unreadable data, instead of a photo or other sensitive document.
One of the most effective ways to enable end-to-end protection is with the Trusted Data Format (TDF), created by Virtru CTO Will Ackerly. TDF is a powerful way to protect and control access to highly-sensitive intelligence information, because it can safely encrypt any type of file.
Before Virtru, there was no easy email attachment encryption, available options added significant friction to email use. Traditional encryption providers required users to manually exchange encryption keys. This also added a significant security risk: if your keys ended up in the wrong hands as a result of this exchange, your data would be exposed. The process also severely limited usability for end users, slowing down email use, requiring more technical knowledge and adding additional steps for a recipient to read an email.
Now, you can do it with the click of a button. Once you install Virtru on your browser, mobile device or email client and activate it, you’ll have the option to encrypt every email (and attachment) that you send. This solution continues to evolve: Virtru now offers Persistent File Protection for Gmail users, which encrypts your attachments even after they’ve been downloaded or forwarded.
Encrypt Attachments with Persistent File Protection
With Virtru’s latest capability, Persistent File Protection, you can encrypt all common file types—PDFs, Microsoft Office files, .png, .jpg, .txt—using the TDF for complete end-to-end security. Now, you no longer have to choose between protecting Gmail attachments and sharing them.
Persistent File Protection, available for all Gmail users, takes this a step further: with one simple toggle switch, you can protect your attachments at all times. In simple terms, Persistent File Protection enables private, compliant sharing of files and attachments, anywhere files need to be stored or shared—including across disparate environments—without loss of control or visibility.
This extra security is essential: according to the McAfee 2019 report, there has been a 23% increase in risky open file-sharing links and a 53% increase in the volume of sensitive data shared in the cloud within the past year. Persistent File Protection is designed to plug those gaps in email security, so that any email attachments are always protected.
Persistent File Protection puts control back in the hands of the file owner: you’ll have full control over the attachment no matter where it is shared, including who can access it after it’s been downloaded. No matter where a recipient has forwarded your file, or even if they’ve downloaded it to their computer, it remains encrypted. Encrypted PFP files open within a secure reader, so only authorized users can decrypt the attachment. You can also revoke access to both the message and the attachment after the fact as needed or cause messages to expire—including attachment access—after a certain date.
Persistent File Protection also makes life easier for recipients, who will have full flexiblity on where they put the file without worrying about accidental leaks. Those authorized recipients also have seamless read-access to designated files, without needing new accounts. This enables smoother and more secure collaboration, whether that means a shared network folder with your R&D team or patient data in a healthcare organization.
Simply put, Persistent File Protection addresses all email attachment encryption needs in one fell swoop. Moreover, Persistent File Protection works seamlessly with other Virtru email protection features, such as watermarking and disable forwarding. You can watermark and encrypt an attachment with toggle switches and send it anywhere you want, worry-free.
Looking for more information? View a recording of our recent webinar to get an exclusive look at the benefits of Persistent File Protection for Gmail, or check out this post for a comprehensive guide on how to encrypt every email you send with Gmail.