We’ve all heard the horror stories.
Cybercrimes and attacks are on the rise. And it’s not just large companies.
Cybercriminal groups are targeting small and local businesses as much as megacorporations. Since many local businesses think they’re too small to be on the radar for a cyberattack, they make for easy targets.
But we don’t mean to scare you off using the internet. Most attacks on smaller businesses are crimes of opportunity – a password was involved in a leak, someone was using outdated software, or files were being shared without encryption.
We all still need to use the internet to run our businesses, communicate with friends and family, and go about our daily lives. With a few tweaks to how we do things, we can remove most of the easy opportunities for cybercriminals and go about our work without too much interruption.
To start, you’ll want to stop using email to send sensitive documents (we’ll also cover that below). Then, you’ll need to find an alternate method to send documents securely.
In this guide, we’ll help you look at some of the most common email alternatives to send documents securely. We’ll also help you learn how to evaluate your needs and understand why we all need to take our security more seriously.
Let’s get started!
The best alternatives to email to send documents securely
- Content Snare - best for securely requesting and storing documents from clients
- Dropbox - best “starter” file sharing service
- Google Drive - best for sharing Google documents, emails, etc.
- OneDrive - best if needing to collaborate on Microsoft documents
- iCloud - best if working in a Mac-heavy environment
- WeTransfer - easiest to use to send a large file quickly with basic security features in place
- SendAnywhere - easiest way to share files across all of your devices
Why you should stop emailing sensitive information
We’ve all done it.
There’s a document that needs to go out ASAP. We draft a quick email, blast it out to the other party, and move on with our day. Most of us use business email accounts, Gmail, or another protected service. So, everything’s safe, right?
You see, by default, email isn’t very secure.
Sure, you need passwords to log in to your email. But email, in its natural state, is sent from server to server in clear text that could be read by anyone skilled enough to intercept it in transit. While that transit seems fast, it’s not direct. Emails bounce around numerous times before arriving at their destination. That’s multiple chances for a cybercriminal to intercept, read, change, or even counterfeit your information.
Ironically, the humble old fax machine is still safer than most emails.
Even beyond the technological limitations that make emails unsafe, there are practical reasons email isn’t great for sensitive documents.
- You have zero control once you hit send. The person receiving the file could forward it to others, post it online, or make their own changes.
- You have no proof of delivery with traditional email. Some systems will let you set up a “receipt,” but users can deny those.
- You have difficulty sending large files. Many traditional email servers block larger files, particularly if they’re encrypted and can’t be scanned.
Alternatives to Email
Thankfully, many alternatives to email have emerged over the years that solve security issues while giving you different options on how to share sensitive documents. You can choose based on how you want to secure your files, what devices you’re working on, and other factors.
If you need to chase clients down for a document but would rather not have them send it via email, Content Snare is your answer. You can read all about Content Snare’s security measures here. Within Content Snare, all data in transit is encrypted between source and destination using SSL/TLS with RSA 2048 key encryption. You can manage all communications around a document from within the software. You enjoy a high level of security and oversight of the document while maintaining a single source of truth because everything is together in one place.
The cloud back-end is handled by Amazon Web Services, which powers the majority of cloud-based services for enterprises globally. So, you know you have top-rated data backups and protection. Try a 14-day free trial now.
Dropbox is so synonymous with file sharing you’ll often hear people using it as a verb. “Hey, just dropbox me that file,” even when they’re not using the service! Users start with a pretty paltry 2GB of space and can upgrade up to 2TBs with a paid account. With Dropbox, you can password protect your links, audit how many times a file is accessed, and more.
Like any large, cloud-based solution, you’re as exposed as your weakest team member. All it takes is one person to use an invalid password, and someone can access everything. If you’re in a larger company, Dropbox lacks the auditing capabilities required of an IT team. You also can’t lock out edits on a shared file, so someone could unwittingly overwrite a production-ready file with something that hasn’t been approved. And thanks to its market share, Dropbox is a high-value target for hackers and has been breached before.
All users get a free 15GB of free storage to use across their various Google accounts. This makes Google Drive a natural cloud solution for sharing Google Docs, Gmail, and other Google office documents. You probably have a file or two being shared from Google Drive at this moment. Google also uses powerful encryption and the latest file-sharing protocols to ensure a pretty high level of security.
However, despite the widespread usage and Google backing, Google Drive falls a bit short in simple file sharing. Unlike many other options, you don’t get an option to set expiration dates or passwords on files, for example. Also, files shared in the cloud can exist even after you’ve deleted them. So, you’re only as secure with Google Drive as every link in your communication chain.
OneDrive is from Microsoft and included with Windows, so it’s a no-brainer to use when sharing anything Microsoft-related. Even if you’re not on Windows, the 5TB for free is more than some other services. Upgrading to 7 dollars a month also gets you Office 365 on top of 1TB of online storage, making OneDrive one of the best values for cloud-based file sharing.
Microsoft does have the ability to decrypt any files. Of course, organizational policies are in place to prevent this from happening. Still, policies won’t protect against hackers or disgruntled employees. Data will also expire with users, so if someone leaves the organization, you should ensure you have a backup plan in place.
If you’ve forgotten about iCloud, we won’t blame you. Despite ruling the smartphone market for years, Apple’s file-sharing solution lags behind the competition. It’s built into mac operating systems, so if your office laptops are all Macbooks, it could make sense to use iCloud to send files securely.
But iCloud lacks password protection and doesn’t allow you to set expiration dates on shared links, both of which are massive oversights regarding securing shared data. Unless you’re a died-in-the-wool Apple fan, better options are available.
WeTransfer is possibly the most straightforward online file-sharing service. You simply need to drag a file onto the window, enter who to send it to, and click to send. You can send files up to 2GB in size for free.
But if you want more security around your files, you’ll need to go pro which is $12 a month. With the upgrade, you get up to 1TB of cloud storage, two-factor authentication, password protection of files, and your choice of when the files expire. You won’t get granular data on who’s doing what with the files or any control after the file is sent. Still, if you need to send large files quickly and securely, this is one of the most accessible options available.
SendAnywhere does precisely what the name promises. Like most other services, you get a free tier that allows you to send files up to a specific size without a lot of oversight or protection. Upgrade to a paid subscription service, and you can password protect your links and monitor who’s accessing your files.
No solution is perfect
Unfortunately, no solution is 100% safe. Anytime you share files online, there are some inherent security risks. Different companies will do their best to mitigate those risks, but no one has solved cybersecurity completely.
Suppose you were dead set on the highest level of security possible. In that case, you’d need to arrange a meeting like something out of a spy movie. You’d meet for an in-person hand-off of documents, with the information coded to destroy itself after it’s read. But since most of us aren’t working with Mission Impossible budgets, we have to compromise.
That’s where the CIA comes in.
Using a fundamental concept of cybersecurity to guide your decisions
You’ll often hear Cybersecurity professionals talking about the CIA.
No, not that CIA. They’re not worried about clandestine American foreign intelligence groups.
In cybersecurity, the CIA triad refers to Confidentiality, Integrity, and Availability.
Confidentiality means that only the people who are supposed to be able to view something have access to a file, for example. Integrity means that data remains unaltered, whether in transit or at rest. Availability means that anyone who’s authorized to access a file can access that file whenever they need to.
These three ideas govern all cybersecurity decisions.
Why do we bring this up?
Everything we do online is a balancing act of these three concepts.
You can very easily make it so that no one can steal or read your confidential information. Simply unplug your computer from the internet. But, that would make it pretty hard to run an online business.
So we compromise. We decide how much risk is acceptable based on the information we’re working with, how many people need to access it, etc.
Use the CIA triad when weighing your options
Keep the CIA triad in mind when considering different options to send documents securely.
Consider how sensitive your information truly is, and look for an option that gives you the protection you need while also ensuring your team has access when they need it. Sure, you could pay thousands for the most highly rated online file-sharing service. But do your cat photos need that level of protection? Maybe? But probably not.
You also want to ensure everyone can access the files quickly and efficiently. You don’t want workers spending too much time jumping through verification hoops.
Striking the right balance of these three concepts varies depending on your business, size, industry regulations, and the organization's technical requirements. You’ll also have different needs for various data along the way.
It’s a good idea to familiarize yourself with the various options available. That way, you can match the right security solution to each need. Maybe a general purpose file sharing site in the cloud for commonly shared files and something with more robust security for when you’re sharing sensitive information.
Consequences of failing to send documents securely
You also have to weigh how serious a security solution you need is against a security breach's possible repercussions.
If you’ve ever had your account hacked, you know how frustrating the experience can be. It’s a pain in the a** dealing with password resets, notifying your friends, etc.
Having company information stolen is a whole other can of worms altogether.
Not only do you have to deal with all of the usual headaches, but you also have legal and reputation issues to manage. Depending on your industry, there could be fines from your government due to a security breach. Many US states and many countries have laws related to data breaches and specific steps to follow in their event. Failure to send information securely can trigger expensive consequences like lawsuits, remediation efforts, etc.
For many companies, the reputational damage is the worst fallout from a security breach. 70% of consumers say they’ll stop doing business with a company that’s experienced a data breach. If you’re working with a new client and lose their files out of the gate, you can kiss that partnership goodbye.
However, not all documents you send carry these consequences. A blog post you’re planning to share with the world won’t have GDPR ramifications…usually. You must know your industry and the nature of the files you need to send and plan accordingly.
You don’t get to play dumb after a breach. The regulations hit you regardless of if you genuinely knew or not. So, before you go with the cheapest option or the easiest to use, be sure it fits any legal requirements you might be subjected to.
Exploring more robust options
These services are scratching the surface of how you can send documents securely. There are extra layers you can add inside of these services, like taking the time to encrypt or password lock your documents before sending. However, these processes require additional setup beforehand within your network infrastructure and on the client-side.
Chances are, if you need security at this level, you’ll already know. For most companies, the best solution is to use one of the cloud-based file-sharing services mentioned above.
But, sometimes you get new clients or regulation changes within your industry and more significant security measures are required. So, it’s always good to know that even more security options are available for you, should you need them.
Always remember that the more security layers you add, the more time it will take to access the data and the greater resource load you’ll place on your systems. Remember the CIA triad and weigh the security need against the work times required.
Take the time to label and regularly classify the data and documents you work with. Decide what truly needs the highest-grade security and what will be OK with basic protection. A lot of time and money is wasted when companies apply high-grade blanket security protocols to data or documents that do not require it.
Leave a Reply