Ever had to send your passport, drivers license, personal details over email? Taken out a mortgage, and had to send them documents? Maybe you should ask for a secure alternative…
Email.. one of the most common forms of communications in businesses and for personal use , but also one of the most insecure.
People often mistake email as being something secure, but that is far from the truth – in light of this, it’s still surprising to see the amount of organisations that ask for personal details and other sensitive information over email.
Lets look into this further…
Why is email insecure?
Your typical email is sent over the internet or internally over an un-encrypted channel, in plain English, this means that if someone is able to intercept the message, then the entirety of the contents are available to be read – you can think of it as sending an open letter, anyone who manages to get their hands on it between destinations is free to read and copy but you’d never know any different.. This is referred to as a ‘man-in-the-middle’ attack.
So is it possible for something to happen?
Absolutely, but unfortunately, you would struggle to know if something had occurred until it is already too late.
So what can you do about it?
Unfortunately there is not a lot you can do is some cases, especially when a business want’s you to work in a certain way, however you have every right to ask them to use a secure alternative when sending sensitive information, they may have secure file sharing facilities or the ability to use encrypted email – they will be best placed to advise, but it is fundamentally within your rights to refuse to use an insecure mechanism for sharing information.
What about if I am sending information personally?
There are a many secure email services that you can use, a commonly used mail provider is proton mail – you can find out more about what they offer on their website and is not affiliated with mappd in anyway, but it’s a good starting place for secure mail providers.
Can mappd help?
One of the core features of mappd’s future state is the ability to directly access your information within organisations and provide a channel for communication and alerting in the event of a breach or issue that may affect you – using mappd, you will be able to see the security rating of an organisation to give you an informed approach to select which organisations are safe, also alerting us if there are any issues that you are facing with a specific company.
Key things to take away
- Don’t be afraid to question a company asking you to do things like send sensitive details over email
- Do be prepared for push back in some cases
- Do keep track of which organisations are offering more secure alternatives through mappd, this can encourage them to step up their game
Did you find this interesting? Please leave a comment or let us know if you’d like to here more about a specific topic.
You can sign up for our news letter below.