Whether you’re running a business or managing your personal finances, it’s natural to want your emails to stay private. But the most sensitive info in an email often isn’t in the message itself but in the attachment. Excel files, in particular, tend to hold some very sensitive data. Financial reports, contact lists, product spreadsheets—you name it.
The easiest way to share those files is email, and with over 25% of all email opens around the world, Gmail is often the service of choice. But files shared over email can be insecure without the right protection. Something as complex as hackers or as simple as an accidental forward can expose those files—and the sensitive data within—to the wrong eyes. Even if your recipient deletes the message and attachment after saving it locally to their computer, there’s still no guarantee that it’s not still sitting on a mail server somewhere. You also won’t be able to control where that downloaded file goes in the future.
The good news is, there are options to protect those important files and ensure that your attachments are protected throughout their entire lifecycle. The first step is to implement some basic email security measures, like strong passwords and 2-Step Verification. This will help ensure that your account itself is secure.
To implement the next level of security, you need to ensure that your emails are protected by encryption, which scrambles your data so it’s unreadable without the right key. Most email providers, including Gmail, have basic encryption baked into their services. This type of encryption, known as Transport Layer Security (TLS), operates at the broad network level and puts walls around your emails while they travel or remain on Google’s servers. While that protection is important, it doesn’t secure any emails that leave the server, and it doesn’t encrypt individual attachments. What does this mean? Those all-important Excel files will be safe—until they aren’t.
To protect individual files, you need end-to-end encryption, which travels with your email content and files no matter where they end up. When you send an attachment that is encrypted end-to-end, the file is converted into a format that is unreadable without a digital key. When the recipient clicks on the attachment, the encryption server checks to make sure you’ve given that person permission to access it. The intended recipient can then save and open the file—provided they can decrypt it. Anyone trying to intercept the file along the way, however, will be stuck with the unreadable data, instead of a photo or other sensitive document.
There are a few ways to encrypt an Excel file in Gmail with end-to-end encryption, including PGP and S/MIME. However, those solutions can be difficult to implement, because they require you to manually exchange the keys that decrypt your email, which disrupts the seamless collaboration that makes email so powerful. It’s also risky: your attachments are potentially less secure if the keys are mishandled.
On the other hand, one of the most effective ways to enable end-to-end protection is with the Trusted Data Format (TDF), created by Virtru CTO Will Ackerly. TDF is a powerful way to protect and control access to highly-sensitive intelligence information, because it can safely encrypt any type of file, including Excel files.
Moreover, Virtru’s protection for Gmail attachments has just taken protection to the next level. We now offer Persistent File Protection for Gmail users, which encrypts your attachments and Excel files even after they’ve been downloaded or forwarded. In fact, Persistent File Protection can be applied to all types of files—PDFs, Microsoft Office files, .png, .jpg, .txt—using complete end-to-end protection.
Looking for more information? Check out this post for a comprehensive guide on how to encrypt every email you send with Gmail.