Sharing sensitive or confidential files with other people can be a challenge. Email is typically the most convenient option. But by default, email is not secure. On their own, your emails are neither encrypted nor authenticated in any manner, which means that people beyond you and the recipient can potentially access and read them. Despite this lack of security, a survey conducted by encryption security provider NordLocker found email the most popular way to share files.
SEE: Encryption: A guide for business leaders (free PDF)
In a survey about file sharing and security directed toward 1,400 adults, NordLocker discovered that 58% of those in the US and 56% of those in UK use email as the most common method of sharing files. Some 35% of the respondents use cloud services to share files, 27% of people in the US and 46% of those in the UK use messaging apps, and 14%-15% use external drives. Only 10% use file transfer services such as WeTransfer.
“Even though email is one of the most popular targets for cyberattacks, people still trust it with their personal information,” Oliver Noble, an encryption specialist at NordLocker, said in a press release. “If your email gets hacked, all of your attachments, such as sensitive documents or private photos, can fall into the hands of criminals.”
Cybercrime is something that’s affected many of the people surveyed. More than half of the respondents (67% in the US and 55% in the UK) said they’ve been the victim of a malicious cyberactivity at least once. Some 46% of people in the US and 33% of those in the UK has been hit with a virus on their computer.
Further, 32% of US users and 20% of UK users users have clicked on a link in a scam email. Some 7% of users from the US and 8% of those from the UK were asked to pay a ransom to regain access to their own files. Plus, 23% in the US and 14% in the UK have had passwords stolen.
People who’ve been victims of cybercrimes are more security conscious. As an example, 39% of people in the US and 32% of those in the UK who haven’t been hit with malicious cyberactivity don’t protect their files. But for those who have been victims, those numbers drop to 16% and 19%, respectively.
Still, a full 75% of those surveyed said they do protect their files in some way. Among them, 46% opt to use passwords, 16% use encrypted cloud storage, and 12% said they manually hide files on their computer. Only 10% protect their files with dedicated encryption tools.
“Even though the safest way to protect files is encryption, NordLocker research shows that only 1 out of 10 people uses an encryption tool to protect their files,” Noble said. “The results indicate that cybersecurity is still murky waters to some computer users, and public education on the matter needs improvement. There’s a silver lining to this, as half of the respondents (50% of US users and 56% of those from the UK) have heard about the possibility to protect their files with encryption.”
People naturally value certain types of files more than others. In the US, medical records and tax records tied for the No. 1 spot, each considered the most private and valuable types of files by 72% of the respondents. Some 67% of US users cited photos as the most valuable, while 65% pointed to work-related files. In the UK, photos were seen as the most private and valuable file types by 70% of those polled. Some 69% of UK users pointed to medical records, 60% to work-related files, and 60% to tax records.
“Although users consider photos as the most valuable, these types of files don’t hold any sensitive information that could be used in a scam,” Noble said. “On the other hand, various documents, tax information, and medical records contain Social Security numbers and bank account details, which could cause people financial harm or pose a risk of identity theft.”
If email is considered an unsafe way to share files, what other options are available for people?
“The safest way to share your files is by encrypting them first,” Noble told TechRepublic. “If you use a reliable encryption tool, you can securely share them in any way that suits you. After you encrypt files on your computer, you can transfer them anywhere, for example, send them via email or instant messaging apps, upload them to your favorite cloud provider, or put them on a removable drive. Only you and the recipient, who you share access to the encrypted file with, can safely see its contents.”
If people still want to share files via email due to the convenience, Noble urges them to take the following steps:
- Password protection is key. People need to enable two-factor authentication where possible or use password generators to create complex passwords.
- Some email service providers allow you to set an expiration date on your email, so that after a certain date, it will no longer be readable by the recipient or anyone else.
- Before signing up for an email provider, users need to familiarize themselves with its terms of service. The latter should explain what kind of security is offered, how the data is being processed, whether it passes through automated scanning, etc.
- Cybersecurity experts recommend using privacy-focused email providers like ProtonMail or Tutanota that feature built-in encryption, which automatically secures the entire mailbox and address book.
Finally, cloud-based file sharing sites that use encryption are another option.
“File encryption is the safest way to store data both on your device and in the cloud,” Noble said. “If taking your own care of encryption sounds like too much of a hassle, the easiest way then is to look for providers that offer automatic encryption to the data they handle.”