Email Security for Faculty
How do I email sensitive information?
Use Azure Rights Management (ARM) to encrypt your files prior to emailing. This was previously known as Windows Rights Management (WRM). You can also encrypt the email itself.
Follow these simple steps to encrypt a Microsoft Office file:
- Click on the Office icon in the upper left hand corner of the screen.
- Click on Prepare.
- Click on Encrypt Document.
- Enter a password (then confirm).
- Save the document.
If you already have a Word or Excel file open you can do the following:
- Click on the File tab in the upper left hand corner of the screen.
- Click on the Protect Document Icon.
- You may select Encrypt with Password or Restrict Access.
- If you choose Encrypt with Password.
- Enter a password (then confirm).
- Save the document.
- If you choose Restrict Access.
- Choose Restrict Document.
- Click restrict access to the document.
- If you want the receiver only to be able to read the attachment select read.
- If you want the receiver to be able to change the document select change.
- Type the user's first.last@unco.edu into the field.
- Click OK.
For setting restrictions on Microsoft Outlook emails:
- Click on the Office icon in the upper left hand corner of the screen.
- Click on Permission.
- Click on Manage Credentials and set your preferences there.
NOTE: If you use Azure Rights Management (ARM) to protect an email that contains an attachment, and you have not encrypted that attachment, the attachment itself would not be protected, just the email would be. So to protect and email’s contents and the attachment, you would need to use Azure Rights Management (ARM) protection on both.
To password protect a PDF document:
- Locate the file you would like to protect.
- Right click the file and click on SEND TO, COMPRESSED (ZIPPED) FOLDER. This will create a folder named the same as the file was named and will place it in the same location as the file. (For example, if you zipped a file called, “UNC.pdf,” from your desktop, you will now find a folder called, “UNC,” on your desktop as well).
- Go to the newly created zipped folder.
- Double click on the zipped folder.
- Click on FILE, then ADD A PASSWORD.
- Type in the password you would like to use and click ok.
- Close the zipped folder.
- Open a new email.
- Attach the ZIPPED folder (not the original file).
- Send the password in a separate email, or provide over the phone.
- NOTE: This requires the receiving party has the ability to open password protected .zip files.
Are there other things to consider before SENDING an email? Here are some great rules to live by when sending email:
- Never provide your PDID, passwords, PIN numbers, financial information, or other personal information in email unless it’s encrypted.
- Never send sensitive data to addresses at Yahoo, Hotmail, Gmail, etc.
- Think first! Ask yourself if REPLY ALL is necessary
- Double check the addressee(s) before hitting send on sensitive emails.
- Never provide information about students or the University unless you are certain of a person's authority to have the information, and you are authorized to provide it.
Are there other things to consider before OPENING an email?
Consider these 2 things:
- Never click on links in emails that want you to provide personal information.
- If there is ever any concern over an email, contact the sender or the TSC at 351-HELP to check the legitimacy of the e-mail prior to opening it or acting upon information in it.
What should I do about SPAM (unsolicited email)?
If you received SPAM mail, the best thing you can do is not open it, just delete it! There are also some things you can do to reduce the amount of SPAM you receive:
- Use your email program’s junk filters to minimize what makes it to your inbox.
- Set your email to ask you before downloading pictures in an email.
- Turn off read and delivery receipts and automatic processing of meeting requests.
- Limit the places where you post your e-mail address.
- Do not open or reply to SPAM.
- Watch for checkboxes that have been checked for you when filling out forms online.
- Do not provide personal information via email.
- Do not forward SPAM.
- Don't contribute to a charity in response to a request sent in e-mail.