Returning forms or sending sensitive data

Sending information in an email attachment is quick and easy to do but you need to be aware that there is a risk that someone could intercept your information if you choose this method. This can be particularly important if the data you are sending contains personal, sensitive or financial information.

In order to minimise the risk we would recommend you encrypt your information before emailing it to us. Encryption uses a software tool to scramble and lock information into meaningless data for all except the people who have the key to unlock and descramble the information. The following provides guidelines on how to do this.

Some applications have built in functionality, which offers protection. Meaning you can encrypt and password protect your document with some simple steps. Steps are normally available within the help feature of an application. However, for quick reference on some of the more common applications you can refer to the following links:

Another approach is to use a compression tool, such as 7-Zip, WinZip or WinRAR for example, is required in order to easily encrypt files. 7-Zip is an open source (free) tool and can be installed using default options. Other tools are available or MAc OSX and Linux platforms. Guidance can be found within this article.

We also strongly recommend that a “strong” password is used to encrypt your files i.e. 15 characters long with a mix of uppercase, lowercase, digits and non-alphanumeric characters. This password should not be sent in the same email as the encrypted document(s). Your encryption is as strong as your password so you should avoid easily guessable words or phrases.

Depending on which tool you use, you may need to enter your password each time you open your encrypted document so don't forget it. You will also need to send it separately to your recipient so they can decrypt your file(s). We recommend calling the recipient.

We also recommend, especially for larger files, sending via BUtransfer, the Bournemouth University files transfer system. This offers a pick up and drop off files and a more secure alternative to standard emails, however we would still recommend encrypting your files/documents before it leaves your system.

To prevent issues in processing your attachment, please ensure your password uses the UK English alphabet. Strong passwords should contain a combination of:

  • letters - from the UK English alphabet in upper (A-Z) and lower (a-z) case
  • numbers - digits from 0-9
  • special charcters - !@#$%^&*()=-{}[]:”|;’\<>?,./|\ only

Remember to tell your recipient the password to unlock the document but DO NOT include the password in the same email as your attachment. We recommend a phone call.