July security post - be careful what you email
It may seem innocuous to email this information, especially if there is an existing relationship with a vendor or client. However there are several reasons it’s not safe to send emails with protected information without encryption.
- Emails can easily be sent to the wrong place by typing an address wrong, or your auto-fill may suggest a similar looking but incorrect address
- The requesting source could have been compromised, or their email address can easily be spoofed
- Emails can be retrieved from servers or compromised accounts in many ways (think of recent email leaks in the news: Sony, DNC, Health Equity and others.)
Fortunately there are always alternate ways to deliver protected information. Please read our guide on data classification for further information:
https://oit.williams.edu/policies/data-classification-policy-and-usage-guidelines/
Contact OIT at desktop@williams.edu if you have any further questions about data classification, where is it safe to store different types of data or how to safely encrypt data for transmission or email.
Thanks for your assistance
Seth
Director of Desktop Systems
Office for information Technology
Williams College
Megamenu Social