How to share sensitive files safely online

Sharing sensitive files securely online has become more necessary than ever as our lives increasingly shift to the digital space. And while this shift offers us many advantages, it also exposes us to the threat of potential data theft. Whether it's personal, medical or financial information, any data accessed by cybercriminals can be exploited for fraud or even extortion.

Failing to securely share files containing your most sensitive information can have significant consequences - and no one wants to suffer the stress, financial loss and time-consuming effort required to recover from a serious data breach. With so many options available, it can be difficult to know where to start.

Why is secure file sharing important?

According to a recent survey, 61% of Americans have learned that their personal data has been compromised on at least one of their accounts. And more than two-fifths (44%) say this has happened multiple times.

Often, cybercriminals target the organisations that manage our data. According to Verizon, over 94% of data breaches in 2023 hid financial motives and over 70% were carried out by organized crime groups. However, these same motives are pushing cybercriminals to target individuals through phishing attacks.

What to watch out for

There are many options for sending your files to someone. De facto some cannot be applied to sharing files digitally, such as USB sticks or other removable storage media. The following also have their drawbacks:

• Attached email files: People often think this is the best way to send sensitive files. They forget, however, that many providers do not necessarily encrypt a message once it reaches the recipient. Also, what if the recipient's email account or your own account is compromised? There is also a size limit on many platforms, which may not be enough for large image or video files. A proven service that offers end-to-end encrypted email is generally a better option in many scenarios, but there are other options.
• FTP: The file transfer protocol (FTP) was created specifically for file exchange. It is designed to be a secure form of FTP, but it does not have built-in encryption (unless you use the secure form known as FTPS or a secure alternative to FTP known as SFTP) and may require settings that only businesses and tech-savvy people can understand.
• P2P: Peer-to-peer (P2P), which removes the middleman, can work for sharing some files, but in the absence of other precautions it is generally not the best choice.

7 tips for secure large file sharing

End-to-end encrypted cloud storage suits most people, especially when the above solutions fail. If you take the right precautions, it can provide you with a secure storage solution where your files are kept under lock and key. You can then invite selected users to view them by giving a time-limited download link. This is important as it means you can update the files as you go and everyone can see the same copy.

However, not all solutions are the same and there may be other steps you need to take to mitigate the more serious security, privacy and user experience concerns.

Consider the following:

• Choose end-to-end encryption (E2EE): as your files are encrypted at the source and decrypted at the planned destination (and remain encrypted during storage), E2EE is ideal for device-to-device data exchange. This then covers encryption during storage and transfer and means that even if the provider is targeted by an attack, your data will not be exposed. In addition to E2EE cloud file sharing providers, there are also E2EE email services available, although there are restrictions on file size.
• Opt for a provider that prioritizes security and privacy. There are many solutions on the market. It is important to do some research beforehand to make sure the provider you choose is the right one. Read the privacy policies and understand how your data is secured.
• Make sure that files are protected with a strong and unique password to keep them safe from prying eyes. Enable two-factor authentication (2FA) to further protect your account from phishing and other attacks. Set up a share link so that those with the link can access your files.
• By setting an expiry time on the links you send to a recipient, you can minimise the risk of unauthorised access to your files. Some providers may also give you the option to remotely delete files or revoke access after they have been downloaded, for further protection.
• If possible, don't access accounts with sensitive data when you're connected to an unsecured public Wi-Fi network. If you must do so, make sure you use a reliable VPN.
• Check the size limits of cloud file-sharing services to make sure you can send data quickly and easily.

It goes without saying that you should treat any links to file-sharing websites with caution - even if they appear legitimate. Security software will scan such links or downloaded files for malware and keep your own machine safe from attacks aimed at hijacking or intercepting communications.
We all have different tolerances for security and privacy risks. But using the above tips as an easy guide, you'll be able to choose the service that suits your file sharing requirements.