When sending encrypted email to a Recipient it is important that they have a clear understanding that the email is encrypted + password-protected and what to do to access it. The BeachheadSecure email encryption plugin for Microsoft Outlook offers default templates that are used when sending out encrypted email.
You can adjust the email template to be specific to your organization / purpose. However due to a number of large-scale data breaches we do not recommend using personal information such as the Recipient's ID number as that PII data might be easily obtained from a breached dataset. Rather use something more private or "secret", like a Client ID or Entity #.
More importantly, if you are wanting to use personal information, then by all means avoid communicating this in the encrypted email being sent as a compromised / attacked email will reveal to someone (a bad actor) exactly what is needed to open and decrypt to PDF file to view its contents.
Below are some typical examples when corresponding with clients'. We've highlighted the text that should not be included. Rather not mention it in the body of the encrypted email being sent. Passwords and/or password hints for encrypted emails should be communicated as a separate stream (out-of-band), for example in another email, SMS, or other mediums. BeachheadSecure Email Encryption software will accomplish this best practice for you. The software will automatically transmit the password or password hint needed to open the the encrypted PDF file as a separate message to the recipient with a separate email or SMS, or it also allows you to manually communicate it by some other means e.g. via a WhatsApp message or a phone call.
BAD EXAMPLE 1
Dear Mr/Ms. XXXX
We have added a password to protect your personal information
The safety of our clients' information is our number one priority. Adding a password helps keep your personal information secure in line with the [General Data Protection Regulation (GDPR) / Protection of Personal Information (POPI) Act. or any regulation you are subjected to comply with]
Please make sure you have Adobe Acrobat Reader installed.
When you open the attachment you will be required to enter a password. Use your ID Number as the password.
BAD EXAMPLE 2
Dear Mr/Ms XXXX
A document about your [policy/contract/account] is attached
The attachment is encrypted and password protected for your security. Please enter your ID Number as your password to open it.
To open and view this document, you will need Adobe Acrobat Reader which you can install free by clicking here.
BAD EXAMPLE 3
Dear Customer Name
Welcome to [Company Name]. We've attached a copy of your [welcome letter] to this email.
To ensure the confidentiality of your personal information, we have encrypted and password protected the document. You can unlock it by using the following details:
Your date of birth in the format DDMMYYYY.
The [Welcome Letter / document] is in PDF format, which requires Adobe Acrobat Reader to be installed to view it. If you don't have the latest version of Adobe Acrobat Reader installed on your PC, please click here to download it.
If you have any queries or need any additional information, please contact [Person Name & Contact Details]. Alternatively, you can send any general queries to [firstname.lastname@example.org].
Contact Us to request a Free Trial of BeachheadSecure Email Encryption.