Cybersecurity Focus: How to Safely Send Email
art miller
Billions of emails are sent every day. But how secure is email?
The truth is that email is not a secure method of sending sensitive information, whether in the body or as an attachment. Once the email leaves your inbox, you lose control of the information, which can be forwarded, printed, or otherwise shared (see Outlook Encryption). If you’re sending sensitive information to someone else on campus, consider using OneDrive. OneDrive has features like restricting who can access the file, who can share the file, and requires a password to open.
Follow these tips to send email securely:
Send from UARK email
Always use your UARK email account to conduct university business. Emails sent from a non-UARK account are not as secure and are more likely to be identified as junk mail or caught by spam filters.
Add an email signature
The university recommends that faculty and staff create an email signature that conveys professionalism and represents the university. The university has specific guidelines for email signatures.
Encrypt email
Use Outlook’s built-in email encryption when sending sensitive information, including university ID number and other personally identifiable information (PII). Never email social security numbers or credit card information. For more information, see the Data Classification and Data Management Guidelines.
Use official Outlook apps
Outlook is the only app allowed to access your UARK email and calendar. Outlook offers increased security, convenience, and a consistent experience. It was also configured at the university to minimize phishing attempts.
Send bulk email securely
To avoid having your department or class emails blocked or filtered, don’t CC or BCC large groups of people. Use mailing lists or email groups instead. For more information, see the University’s Communications, Trademark, and Bulk Email Usage Policy.
Use a professional tone and make sure grammar and spelling are correct. Follow the University Relations Style Guide standards to give your email a higher level of credibility; For example, always use “University of Arkansas” instead of “UA”.
Provide verifiable contact information
Include contact information with phone number and email address in the signature block and/or as a separate paragraph in the body of the email so the reader can verify that the email is legitimate. Whenever possible, refer readers to departmental websites or other trusted websites that contain a version of the same or related information.
October is Cybersecurity Awareness Month, a global effort to help everyone stay safe and secure while using technology, whenever and however you connect. Simple steps like securely storing data in OneDrive, avoiding and reporting suspicious messages, and updating software can go a long way in protecting our campus community online. Learn the basics of cybersecurity throughout October with the IT Services Cybersecurity Checklist and Resources from the Cybersecurity and Infrastructure Security Agency.