• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 442
  • Last Modified:

How to send secure email attachments

I need to send secure file attachments containing sensitive information (either.doc or .pdf files) that can only be opened by the recipient. These occasionally need to be sent to a wide number of legal professionals dotted around the country, all using different email addresses.

Could someone suggest the simplest way of being able to do this?

I can purchase 3rd party software/services if needed.

1 Solution
Ashok DewanFreelancerCommented:
You can ecrypt these files , after encryption then you can pack these files in winrar program by setting strong password. I think is enough to secure these file. If some one get that rar file 1st he need to break the password which is very difficult for above 15 chracters and file inside the rar also encrypted.

you can see couple of software to encrypt pdf and doc by googling
1. http://www.verypdf.com/encryptpdf/encrypt-pdf.htm
2. http://www.pdfmachine.com/genp/overview.html?ref=GA&campaign=features&adgroup=features&ad=001&gclid=CKO929Hm3K4CFUp66wodNRtAYw
3. http://www.askdavetaylor.com/how_to_encrypt_pdf_file_mac_windows.html

for doc


After ecrypted files packed in rar file then you can send rar file.
Dave HoweSoftware and Hardware EngineerCommented:
Simplest (but quite definitely NOT the cheapest) is to install a cisco ironport device.

The Ironport is a smtp filter device that sits between your mailserver and the internet. outbound mail (selectively if you wish) is encrypted, and sent to the recipient, who must then register at the cisco CRES site to decrypt their mail.

from your point of view, all you need to do is either specify that certain messages (eg, messages with attachments to a list of domains) are always encrypted, that certain flags (eg setting "confidential" on an email) triggers the encryption, or anything else you want - the ironport is quite flexible in what will cause the outbound mail to be encrypted. as a bonus, replies to encrypted messages are themselves encrypted, without the recipient needing to buy or set up anything other than the cres login.
DebsylAuthor Commented:
Thanks - this is for sending confidential legal reports via email. Obviously this can't be done over regular email as it's not secure enough. As it's for a freelancer I think the Cisco Ironport route is going to be way too expensive - but thanks anyway.

I'm thinking using a strong password in Adobe Acrobat to encrypt the document then sending it as an attachment is probably the way to go as these reports go to many different legal people all using different systems. We're just waiting on a response from the legal IT people to see if this is secure enough.
Dave HoweSoftware and Hardware EngineerCommented:
Well, this is a growing field, but yes, if all your documents are PDFs, and you can manage the key schedule yourself, then that's a cheap and cheerful option - the crypto is actually pretty good (AES, at 128 bits for v8 and before, moving to 256 bit in later versions).  Password length has also increased (from 32 chars to 127) but as in each case only the hash of the passphrase is used, even the older releases should be "good enough".

If you *need* some sort of verification, go for the latter, and use genuine Adobe software - their cryptomodule is FIPS certified :)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now