February 8, 2022
Emails lead to 91% of all cyberattacks — the same email where you may send personal information, such as your W2s, bank routing number, or social security number. Unencrypted emails can also expose confidential information about your company, such as its strategy plans and financial performance. So, before you hit “send” on that email, remember the following rules of thumb for protecting your sensitive information.
Audio: Listen to this article.
Two Things to Remember When Handling Sensitive Information:
- Share only with those who have a need to know.
Before sending your personal or client information, make sure you know who you're sending it to. Check that you have the right person’s email address and are only sending it to that person. Also, if you are asked to provide private information over a group email, make sure to send the individual your information separately. This way, only that person can view it, and not all your colleagues. We call this the “minimum necessary.”
- Encrypt emails containing sensitive information.
According to a national survey commissioned by Egress, 79% of organizations share personal information and/or sensitive business data internally without encryption. The survey also says 64% of organizations share that information externally without any encryption. Encryption converts a message from readable print to scrambled text, and only the intended recipient has the ability to decrypt it. Thus, you should encrypt any emails containing sensitive information. It’s just one extra step to securing your information.
In the past year, 64% of companies worldwide have experienced at least one form of cyberattack. Don’t let your company become a part of that group because of an unencrypted email.
We are a trusted public relations advisor to cybersecurity companies and organizations seeking helpful expert guidance on corporate communication before, during, and after a cyber attack. If you're currently experiencing a cybersecurity incident, book a crisis cybersecurity consultation. Not under duress and looking for help communicating about cybersecurity before a cyber attack? We can help you. Book a free cybersecurity consultation.
This post about data handling is number two in a series of eight posts on cybersecurity for strategic communications professionals. Click to view the previous post "What PR pros need to know about passwords and cybersecurity awareness" or the next post "What PR pros need to know about computer theft and cyber security awareness" in the series.