How to encrypt emails and protect clients' data

by MacPaw

This article is posted with permission from our partner MacPaw. MacPaw makes Mac + iOS apps that have been installed on over 30 million devices worldwide. Freelancers Union members receive 30 days of free unlimited access to CleanMyMacX and Setapp:  https://freelancersunion.org/resources/perks/macpaw/

Business communication in the digital world means you must take extra precautions to keep data safe. And as a freelance worker, you’re in charge of protecting your information and your clients’ information, too. One way to do this is to encrypt emails to keep your communications private and secure. But what does it mean, anyway? In this article, MacPaw’s cybersecurity division Moonlock gives step-by-step instructions and explanations on the matter.

Understanding email encryption

When sending things like W2s or other legal documents over email, you want to ensure that nobody in the middle can read its contents. Email encryption works like locking the door to your message and giving the key only to the recipient. Even if criminals intercept it, encryption turns your message into ciphertext, so none other than the recipient can read it. If hackers can’t find you, they can’t affect you. 

Types of email encryption

Learning how to encrypt emails is essential for keeping your data safe. That said, the process may differ based on the service or client you use. There are two main categories of email encryption that subsequently branch out into different types of encryption.

Transport level encryption (TLS)

This type of email encryption scrambles and secures message content during transportation but not before or after. 

Here’s a picture for you. Imagine Jane is sending a gift from Munich to New York. She packs the gift into a box to keep the contents private and secure like she would encrypt an email. A postal carrier takes the box and delivers it to a local post office. Here, the content and delivery details of the package are checked before going further towards New York. Upon arrival in the US, the package goes through customs for another inspection. Finally, it reaches the post office in New York for one last check before the final destination. The whole journey is similar to TLS encryption, where emails are decrypted and re-encrypted by every server before they are delivered to their recipient.

End-to-end encryption (E2EE)

With end-to-end encryption, emails are secured before leaving your computer, throughout transport, until they arrive to the recipient. 

Returning to our postal metaphor, E2EE is similar to sending a package from one neighborhood of Munich to another. In this case, a postal carrier takes the box from Jane and delivers it straight to the recipient. The box is unpacked only once and only by the person it was meant to be delivered to.

Popular types of end-to-end encryption for emails are Pretty Good Privacy (PGP) and Secure Multi-purpose Internet Mail Extension (S/MIME). Many modern email services use S/MIME, which works similarly to PGP. However, S/MIME users must obtain keys from a specific certificate authority, like RSA Data Security Inc. or VeriSign, Inc. We’ll look into that in the encryption instructions for Apple Mail.

How to encrypt an email

Many modern email systems encrypt and decrypt automatically without the user having to do anything. However, with some of them, you need to enter your login credentials before unlocking and reading the emails. Each service is different. Often, you and the person you are sending a message to must use the same service for the encryption to work. 

How to encrypt in Gmail

If you wanted to know how to send a password-protected email, here's how:

  1. Open Gmail and select Compose.
  2. At the bottom of the email, press the lock icon.
  3. Set a passcode and expiration date here. If you choose “No SMS passcode,” recipients using the Gmail app can open the email directly, while others will receive the passcode via email. If you select 'SMS passcode,' the passcode will be sent to recipients via text message.
  4. Press Save.

How to encrypt in Apple Mail

As we said earlier, Apple Mail has S/MIME built in by default, so it's a bit tricky to set up. You can't just dive straight in and start sending. 

The very first step in this slightly long process is to obtain an encryption certificate via the Certificate Assistant in Keychain. At Moonlock, we prepared a short video tutorial that shows how to get one, have a look:

<iframe width="560" height="315" src="https://www.youtube.com/embed/oxsFLsFpkLI?si=N5CXJ6yjHxcXjVd0" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe>

To get your new certificate working with your email, just restart Mail. When you open it again, Mail will automatically sign your emails with the public key—you’ll notice a checkmark icon in the Subject field. Just remember to use the email address associated with your certificate!

If the recipient also has a certificate, you’ll see a lock icon next to the checkmark. Turn it on to send an encrypted email.

How to encrypt in Outlook

To use encryption tools in Outlook, users often need a Microsoft 365 subscription or an additional setup. 

  1. Choose Outlook and select Preferences.
  2. Select the account you want to send an encrypted message from and click on Security.
  3. In Certificate, select the certificate that you want to use. You'll only see those certificates that are valid for digital signing or encryption. 
  4. Choose OK, and then close the Accounts dialog box.
  5. In a message, choose “See more items” and select S/MIME > “Encrypt with S/MIME.”

For an additional setup, you can use third-party services. The most popular are PreVeil or Mailvelope.

How to encrypt files for attachments

If you don't feel comfortable setting up certificates or need to encrypt an attachment, there are encryption apps that can do the hard work for you. 

For example, you can use Encrypto to send files via email, Messages, AirDrop, Dropbox, or any other method. You can encrypt your files before transferring them, set a password, and send them with added security. Encrypto works for macOS and Windows and is completely free.

Email is often considered a more official medium for business communication than messengers. At the same time, cybercriminals can easily find your business email on the web and use it to do damage. Whether it’s your personal data or the sensitive information of your clients that’s stored in emails, exercising caution and adding encryption to each message won’t hurt anyone. We at Moonlock hope the tools mentioned in this article will help you navigate this topic and make your work a little safer.

More from the Freelancers Union blog