Encryption of files

What is encryption?

Encryption is a method of scrambling or locking the contents of a file so that only intended recipients can read it by unlocking the file with a special key, which is often a password but the key can also be a private file which only the intended recipient holds.

Why encrypt files?

Sometimes you may be required to send sensitive information to another party as an email attachment. There is usually no way of ensuring that the entire path from the sender to the recipient is safe and free from prying onlookers who could intercept the attachment and make their own copy.

One way of ensuring that only the sender and recipient can read an attachment is to encrypt it, passing the special key via a different channel, e.g. over the phone or as a text message. It is critically important that the key is not sent by the same method as the attachment, as then the prying onlookers would have both the file and the means to unlock it.

How should I encrypt the file?

How to encrypt a Word or Excel document:

Once you are happy with your document, take the following steps:

Go to file (main top bar menu)

Go to ‘Info’

Select ‘Protect Document’

Select ‘Encrypt with password’

Choose a strong password. Please note that if you forget this password, you will not be able to access this document. We would recommend that you retain an unprotected version of the document internally, in a secure, access restricted location, to ensure ongoing accessibility.

Select ‘OK’

Re-enter the password as prompted

Select ‘OK’

Your document will now require the password to be opened by the receiver.

How to encrypt a PDF document:

Once you are happy with your document, take the following steps:

Go to ‘All Tools’ (main top or left bar menu)

Select ‘Protect a PDF’

Select ‘Encrypt with password’

Select ‘yes’ to change security setting

Check the box for ‘require a password to open the document’

Select ‘OK’

Re-enter the password as prompted

Select ‘OK’

Your document will now require the password to be opened by the receiver.

Removing passwords

Follow the initial steps and when presented with the existing password, delete it. Your document will then revert to unprotected.

Additional information

The password will encrypt the contents of the document while travelling between sender and receiver. It will also mean it will not be accessible if the document is sent to the wrong email address in error.

Communicate the password for the document via a separate channel – do not include it in the cover email.

The encryption of documents can be a robust security measure. It is also recognised that the addition of encryption and passwords can add administrative overheads. If you are regularly and routinely sharing information that requires encryption with a particular organisation and a trusted source, you may agree to a set password that can be used each time. This will negate the need to send the password repeatedly or assign and manage multiple passwords.

Whilst this will still protect the contents of the document in transit, and protect against unauthorised access if accidently misdirected, we would still recommend that that the agreed password is changed at regular intervals.

Please also take care to still check you have the correct recipient.

Double check that you have the correct document and that it contains the details of the correct person. Do not overwrite previous documents; use a clean template each time.

Where possible, do not include sensitive content in the cover email. This will not be protected.

Where regular and repetitive transfers of data with an external party are required the third party may make available secure portals for the transfers to take place. These should be used wherever available.

Where to go for help

Please contact IMPS@reading.ac.uk if you have any questions.

Things to do now

Download Encryption Policy (PDF-216KB)

Contact IMPS

Email:
imps@reading.ac.uk
Telephone: +44 (0) 118 378 8981