Is your email secure?
You can't look for news today without hearing about Hillary Clineton's unsecured personal email servers or how they got hacked. But does secure email really exist?
To answer that question takes a little understanding of how email works. When you send email, you send it to your own email server. You can secure this connection with SSL, but that's only one leg of the trip. Once delivered, your email server will then deliver it to the recipient's email server. But some mail servers also send them to intermedia relay servers. This connection is not always encrypted.
If you are emailing sensitive information, it's important that you realize that email was not created with the intent of being a secure message delivery system. It has had security measures placed on top of it over the years, but at it's core, it's still very insecure.
The best practice for emailing secure informatin is to use end-to-end encryption. That means that no matter which servers handle your email, it's encrypted only by you, and decrypted only by the recipient. There are several tools for this like GPG.
The problem with end-to-end encryption is that not everybody has the software to use it. That means that you will be limited in who you can communicate with using this protocol. However, if you only send sensitive information within your office, it might be a solution that works well for sending messages between employees.
When clients contact you, they might send sensitive information in their emails. I've had people send me credit card information through emails. Luckily nothing bad ever came of that, but it's a risk they shouldn't have taken. Because your clients might be less informed about email and security, a communication platform might be a better way to exchange conversations with them.
If you've ever had an electronic conversation with a bank, you've likely already been through this process. You have to log in to their website using an ecrypted website, and your messages have to be exchanged using the messaging systems contained within that site. They might send out an alert via email that you received a new message, but they do not send the message itself, and they instruct you, and prevent you as much as possible from replying to those messages by email.