Difference between revisions of "Send encrypted email messages"
Jump to navigation
Jump to search
| Line 16: | Line 16: | ||
# Find the '''Encrypt''' icon in the ribbon | # Find the '''Encrypt''' icon in the ribbon | ||
<gallery widths=600px heights=300px> | <gallery widths=600px heights=300px> | ||
| − | |||
File:EmailEncrypt.png | File:EmailEncrypt.png | ||
| + | File:EmailEncrypt.png | ||
| + | |||
</gallery> | </gallery> | ||
# Click on the arrow below the padlock, for the list of encryptions | # Click on the arrow below the padlock, for the list of encryptions | ||
Revision as of 17:14, 31 March 2020
About this article
This article explains how to facilitate secure communications containing confidential data – to an Advisor, Faculty or Staff member, etc. when there is no other alternative for things like registration. Encrypted E-Mail is an option you may use to send small quantities of private data between employees within the MinnState system during this crisis. It should not be used for sending large files containing hundreds of grades, act scores or any SSN’s or banking data, but for sending a single student’s academic information to an advisor this will work well.
Steps to send an Encrypted Email
This functionality is currently available in Microsoft Outlook.
- Create a new email message
- From the Menu Bar click on Options
- Find the Encrypt icon in the ribbon
- Click on the arrow below the padlock, for the list of encryptions
- EmailSetPermissions.png
- You might see multiple addresses, in that case, select the MNSCU email address then you will see a list of possible Encryption options.
- Select and use: MNSCU-Confidential View Only
The picture below summarizes the steps you need to take: {Insert email steps pic}
You will then see this information at the top of the email:
{Insert email top pic}
Difference Between Encryption types
Best and Preferred methods of Encryption
- MnSCU - Confidential Read-OnlyItalic text: This is the preferred option to use and as its name implies, it is Read Only and allows you to send to internal MinnState users only. Messages cannot be opened by third party such as Gmail or Hotmail. The recipient of the email cannot copy, forward, or reply to this email.
- MnSCU - Confidential: only use If you absolutely need a response. Realize the email could be forwarded within MinnState.
Less Desirable but if you must send outside of MinnState system
- Do Not Forward – allows to send a message outside of our MinnState system, example: Gmail, but the gmail account cannot directly respond or forward. If you absolutely need to work with a user outside MinnState, you may use this to send, but keep in mind we do not ever want people to send you private data directly (i.e. SSN).
- Encrypt Only – (the Least desirable method) this allows you to send an Encrypted message outside of our MinnState system, they can respond to you, but they can also forward to another person thus risking a breach of sensitive information. Use this option ONLY if you need to send outside of MinnState system and a response is required from the receiver.
General Expectations Using the Encrypt Feature
- Make people use the correct portals to get data themselves whenever possible
- Double check Encryption is on. Triple check Encryption is on. We don’t want to accidentally send non-encrypted e-mail containing private data. Unfortunately, we don’t have a way to FORCE the use of this feature, or even auto-detect content yet.
- Use Read-Only whenever possible. This greatly reduces where that data can be sent.
- If you need to use this option, please include a new signature that tells the recipient:
- DO NOT save the included data to their local computers
- DO NOT copy the included data into a separate e-mail
- DO NOT print the included data (or the e-mail)
- Set a follow-up on these messages with a short, but reasonable date, to remind you to DELETE these encrypted e-mails. When you delete a message that you send as Read Only, it is no longer available to whomever you sent the message. This ‘cleanup’ operation is very important as this exception is only a temporary solution during these unique situations.
{Insert Email Follow Up pic}
Checklist for Sending Sensitive Data for Registration
- Is there any possible way for the requestor of this information to obtain this information directly from the source?
- If no, then create email and set encryption on
- Before you write your message, Check if the email displays the encryption info message
- Is the level of encryption displaying: MNSCU – Confidential Read Only
- If not, was it an oversite or intentional?
- Change Encryption level if incorrect
- Double-check encryption is on
- Double-check the level of encryption appropriate.
- Write message
- Triple-check all the above
- Send