Penetration testing, also referred to as pen testing, is a simulation of a cyber attack that organizations conduct to identify security vulnerabilities within their systems. By
Sending sensitive information over the internet is often necessary, despite the risks. You may need to send copies of your passport to validate your employment status at a new job, or you might need to send tax forms with your social security number to your accountant. How can you send this information without making it vulnerable to cybercriminals?
Using a software platform that uses zero-knowledge encryption is the most secure way to share sensitive information and files. Encrypting a file makes it unreadable to cybercriminals who intercept your web traffic or breach your computer, and zero knowledge is the most secure type of encryption.
What Kinds of Documents Are Considered Confidential?
Any document containing Personally Identifiable Information (PII), including your home address, phone number, social security number or information about your family, is considered confidential.
Examples of documents that meet this definition include:
- Tax forms, such as W2 or 1099
- State ID or driver’s license
- Passport
- Social Security card
- Birth certificate
- Contracts
- Bank account information, such as statements
- Credit card statements
- Loan details
- Bills
- Background checks
- Health records
The Most Secure Way to Send Sensitive Documents
Different methods of encryption are commonly used to send sensitive information over the internet, but the most secure type is zero-knowledge encryption. What makes zero knowledge the most secure is that it uses the highest level of encryption and the data is encrypted at all times, including in the cloud. Some password managers, like Keeper Security, utilize zero-knowledge encryption to allow users to safely store and send passwords and documents.
A password manager is a great all-in-one solution for the average person with a variety of cybersecurity needs aside from solely password management, such as storing and sharing files securely.
What To Look For in a Secure File-Sharing Platform
Whatever platform you choose for sending sensitive documents, here’s what you should look for:
1. Multi-Factor Authentication (MFA)
MFA is when two or more methods of authentication are required in order to log in, including your username and password. For example, you could have both a password and receive a code via SMS. The code would be entered along with your username and password when you log into your account. Another common method is using a hardware security key.
It’s worth noting that unless SMS is your only option, you should avoid this method. SIM swapping is a common cybercriminal technique in which they use social engineering to gain access to your phone – including the codes that are sent to you. However, while SMS MFA makes your accounts more vulnerable than other methods, it’s still better than no MFA at all.
2. Time-limited sharing
When you share a file, you should limit the amount of time the recipient can access it. A breach sometime down the line could compromise your sensitive information if your unsecured file is discovered. Setting a time limit means no one will be able to access your file after the time limit is up, even in the case of a breach, which increases the security of the document.
For example, Keeper’s One-Time Share feature allows you to securely share information with anyone, even if they don’t have a Keeper account. You can set a custom time limit for the shared file, and once the link is opened, the file is only accessible on the device it was opened on – meaning if a cybercriminal were to open the link on another device, they wouldn’t be able to access anything. After the time is up, the share will expire automatically. You can also “unshare” the record at any time. Your sensitive information is completely in your control.
3. Multi-use
Why download a whole app for file-sharing if a password manager can also do it for you?
Keeper Password Manager stores and securely shares any kind of record type, including confidential documents, credit card numbers, banking information, and of course, passwords. You can also create custom records to adapt to any type of information you want to securely store.
4. Easy to use
Your file-sharing platform should also be easy to use. Humans seek convenience, and jumping through hoops to secure a file would cause many people to not bother. Many cybersecurity systems fail because they don’t account for the human element. An easy, intuitive platform that integrates seamlessly with your workflow is the best choice – because you’ll actually use it.
Mistakes People Make When Sharing Confidential Documents
Typically, our files are not well-protected in our everyday digital lives, so it’s easy to make mistakes that put your sensitive information at risk. Avoid making these mistakes to stay protected:
1. Sending files through email or text message
We send files and information through text messages and email all the time – so it seems natural, but these methods are not secure. Standard email and SMS text messages are not encrypted, making information sent through them vulnerable, both in transit and at rest. These methods are frequently compromised by breaches and Man-in-the-Middle (MITM) cyber attacks.
If you send sensitive information through email, it could be exposed through a breach on either your account or the recipient’s account. Not only that, but if the recipient never deletes their emails, your document has a chance of becoming compromised for as long as it’s in their inbox, since their account could be breached at any time in the future. Sending files through text message poses similar risks.
2. Encryption using file processors
It’s commonly recommended to encrypt a file with a processor like Adobe PDF, then email the file, providing the code to decrypt it over a different method of communication. We get why this is a recommendation – encryption is effective, and most people have access to this method. While it’s better than sending a file over email without encryption, it’s still not very secure.
There are known vulnerabilities associated with the type of encryption that’s used in this method, and some versions encrypt only the file’s contents – not other information about the file, such as file size. It’s also common for cybercriminals to hack multiple accounts at once – meaning, they could have access to both your emails and text messages to find the code you sent to decrypt the file. Additionally, file processors don’t usually offer a time-limited option with their encryption.
3. Sharing files on public WiFi
Cybercriminals can intercept your traffic and steal the private information you send over public WiFi because they also have access to the public network. Sending sensitive data over public WiFi increases your risk of falling victim to a cyber attack.
Zero-Knowledge Encryption Is the Secure File-Sharing Solution
Zero-knowledge encryption will give you peace of mind when sharing sensitive information. When using a password manager like Keeper, all your passwords and private information are managed in one convenient, super-secure place. The zero-knowledge security architecture ensures that no one – not even Keeper employees – can access your vault at any time.
If you’re ready to use Keeper to securely store and share your documents, start your 30-day free trial today.