Should we be sharing files via email?
Reducing cyber breach risks in your business
Sending information by email is never really secure, even over an HTTPS connection. Not all email providers offer an encrypted way to send messages.
Unless the files themselves are encrypted, such as by using a password-protected PDF, there is no guarantee that the intended recipient will be the only one to see the message.
A more secure way to share files online is by uploading the file to a cloud server such as OneDrive or Google Drive, then sharing the link.
Email attachments vs share links:
| Email attachments: 👎 | Share links: 👍 |
| 👎 Limited to about 10mb | 👍 Can handle 1gb or more |
| 👎 No security features | 👍 Can be password protected |
| 👎 Spam filters can block genuine attachments | 👍 Links aren’t caught by spam filters |
| 👎 Can take up precious storage space | 👍 Stored on the cloud, so no storage space needed |
| 👎 Don’t know who else accessed it | 👍 Track all opens and downloads |
| 👎 Attachments never expire | 👍 Expiration or destruction dates can be set |
| 👎 Mistakes can’t be corrected without re-sending | 👍 The information can be updated at any time |
| 👎 Can’t be recalled if sent in error | 👍 Link access can easily be revoked |
Sharing files using a removable device
Sharing files by using a removable storage device like a USB stick or flash drive can be a bit more secure than email. It involves directly copying or moving the files onto the removable storage device and then physically transmitting it to the recipient.
However, USB storage devices are small and can easily get lost or stolen. Therefore extra care must be taken when sharing sensitive files via removable device.
Do’s and don’ts for devices
Never
❌ plug an unknown flash drive into your computer
❌ use the same flash drive for work and personal files
❌ purchase a flash drive from a non-reputable seller
Always
✔️ use a password-protected or encrypted flash drive
✔️ keep it in a safe and secure location
✔️ report a lost or stolen flash drive
File sharing by printing
If you are printing information to physically hand or send to someone, be aware that it comes with cyber security risks.
Possible risks include:
- Data being sent to a printer over an unsecured network
- The printer storing data on an unencrypted hard drive during the printing process
- Sensitive data being sent to the wrong printer
- The documents ending up in the wrong hands
- Printers themselves can be vulnerable to hacking
It’s not just cyber security to be aware of when printing. Not being cautious when using printers can also result in data protection breaches. Leaving personal information for others to find it, not properly shredding used data, and even not using the latest secure printing technologies could result in a GDPR breach. This is because data protection law requires all proper technical measures to be taken to protect personal information.
Additional resources on printer-related cyber security risks:
- Cyber Attack launched on 150,000 Printers working worldwide
- Christian Slater Shows You Why Printers Are The Weakest Link In Cyber Security
- Did you know that printers are a major cyber attack vector?
VinciWorks’ Phishing Challenges
VinciWorks’ Phishing Challenges present a series of emails, with users having to identify the red flags in each one. These phishing simulations enable users to identify high risk employees and produce a report with each employee’s phishing risk score. Businesses can create their own industry and role-specific phishing challenges. A new phishing challenge is released regularly to reflect the latest threats.
Demo latest Phishing Challenge
