Cybersecurity Focus: How to Safely Send Email

Art Miller

Billions of emails are sent daily. But how secure is email? 

The truth is that email is not a secure method for sending sensitive information, whether written in the body or as an attachment. Once the email leaves your inbox, you lose control of the information, which may be forwarded, printed or otherwise shared (see Outlook encryption). If you're sending sensitive information to another person on campus, consider using OneDrive. OneDrive has features such as limiting who can access the file, who can share the file and requiring a password to open. 

Follow these tips to safely send email: 

Send From UARK Email 
Always use your UARK email account to conduct university business. Email sent from a non-UARK account is not as secure and is more likely to be identified as junk mail or caught by spam filters. 

Include an Email Signature
The university recommends that faculty and staff create an email signature that conveys professionalism and represents the university. The university has specific guidelines for the email signature.

Encrypt Email 
Use Outlook's built-in email encryption when sending sensitive information, including university ID number and other personally identifiable information (PII). Never email Social Security numbers or credit card information. Refer to the Data Classification and Data Management policies to learn more. 

Use Official Outlook Apps 
Outlook is the only allowed app for accessing your UARK email and calendar. Outlook provides increased security, convenience and a consistent experience. It has also been configured at the university to minimize phishing attempts.  

• Set up your UARK email in Outlook for Windows, Mac, iOS and Android. 
• Outlook on the web is also available for securely accessing your UARK email from any device. 

Safely Send Mass Email 
To keep your departmental or class emails from being blocked or filtered, do not CC or BCC large groups of people. Use mailing lists or email groups instead. Refer to the university's Communications, Brand and Mass Email Usage Policy for more details. 

Use a professional tone and make sure the grammar and spelling are correct. Follow the University Relations Style Guide standards to give your email a greater degree of credibility; for example, always use "University of Arkansas," instead of "UA."  

Provide Verifiable Contact Information 
Include contact information with a phone number and email address in the signature block and/or as a separate paragraph in the body of the email to allow the reader to verify that the email is legitimate. Where possible, refer readers to departmental web pages or other trusted sites containing a version of the same or related information. 

October is Cybersecurity Awareness Month, a global effort to help everyone stay safe and protected when using technology whenever and however you connect. Simple steps such as storing data securely in OneDrive, avoiding and reporting suspicious messages and keeping software updated can go a long way toward protecting our campus community online. Throughout the month of October, get to know the basics of cybersecurity with the IT Services' Cybersecurity Checklist and the Cybersecurity and Infrastructure Security Agency resources.