Sending Confidential or Restricted Data
WARNING: Laws and their interpretation change constantly and this information may be out of date. Please consult with your company's Technology Control Officer before sending restricted data.
To send us confidential or confidential unclassified information (CUI) you can:
- Encrypt an Email using encryption, we support OpenPGP,
- Use your in-house file sharing methods
Acceptable in some cases:
Never send restricted data by plain email, even if using SSL/TLS type sending. Email can pass through servers all over the world and there is no way to limit who has access to your email and attachments.
Always send passwords for encrypted data separately or even better not by some other means (fax, verbal).
Always consult your in-house appropriate authority if you are unsure on how to send data.
An easy way to encrypt data is to use a program like 7-Zip to compress and encrypt files (use AES-256 or better).
Our preferred method is to email with OpenPGP encryption. After we exchange public keys we can send email safely and openly discuss your program without worry. OpenPGP satisfies NIST 800-171 requirements.
Sending us unencrypted confidential unclassified information (CUI) violates cyber security protocols governed by NIST 800-171 and more.