How to send GDPR-compliant attachments in Outlook 2016

As European companies and their partners all over the globe are preparing for the introduction of the GDPR – a new set of personal data protection laws – learn how to ensure the compliance of your business correspondence with the new regulation. Our brief guide on secure attachments gives an overview of data protection options offered by MAPILab’s Attachments Processor for Outlook.

In May 2018, the General Data Protection Regulation (GDPR) comes into effect in the European Union – much to the dismay of the international business community. Designed to enhance personal data protection in the region, this package of regulations is unprecedented in scope and detail: it applies to all European organizations that process any personal information within the EU and all foreign organizations that process personal data of European residents from anywhere else in the world. So, if you do business with EU-based corporate and private customers and wonder whether the GDPR applies to you, check with the official text to be on the safe side, but our best guess is yes, it does.

What does it have to do with emails, specifically, attachments? Sending files by email poses a threat of personal data leakage for a number of reasons. First, you could send the file to the wrong recipient or forget to exclude certain recipients from a mass email. Second, cybercriminals might hack your recipient’s mailbox, gaining access to all the attachments in it. Consequently, sending unprotected files and storing them in your mailbox would violate the GDPR and may result in fines and lawsuits.

When it comes to Microsoft Office documents, the solution is at the tip of your fingers: Office functionality enables you to set up password protection for any document in the File menu. However, personal data comes in all shapes and sizes – JPEG and PNG pictures, scanned and faxed PDF documents, screenshots, and so on. You can secure any file against unauthorized access by packing it into a ZIP-archive and protecting the archive with a password. However, repeating the procedure manually for each and every file you send is a bit of a hassle – you could try an automatic tool instead, to make sure you never forget to protect a file.

Outlook users will find a variety of third-party extensions and add-ins that are compatible with Outlook and automate a wide range of routine tasks. However, when it comes to legal compliance, it is recommended to opt for reliable solutions that have been in the market for some time, instead of jumping at novelty tools that were “freshly-baked” for the occasion. Thus, MAPILab suggests using its acclaimed add-in – Attachments Processor for Outlook. This powerful tool with a wide functionality can automatically compress your incoming and outgoing attachments into archives, protecting them with a password and therefore ensuring the compliance of your correspondence with the GDPR.

Once you have installed Attachments Processor, you will find it under the MAPILab tab on the ribbon. To set up rules, hit Options and put a check next to “Use this rule with outgoing messages.” To make this option available, you will need to uncheck the first option, “Use this rule with incoming messages”.

Outlook attachment processor options

Under Folders and Files, you can specify the folder where the attachments are stored, and set up auto-renaming. For instance, you can have all your outgoing attachments renamed after their recipients’ names and stored in a dedicated folder, to make it easier to track who received your files.

Rename Outlook attachment

In Message filters, you can specify parameters of outgoing messages that require attachment protection. Thus, you can indicate key words in the message subject or attachment filename and make a list of recipients who are most likely to receive confidential data from you. However, if you are creating one universal rule for all outgoing messages, we would advise you against limiting the scope of its action.

Outlook attachments filtering rules

Under Archiving, remember to check “Archive attachments when forwarding a message” – if the message you forwarded results in a data leakage, you will be the one responsible, not the initial sender. This tab is also where you can set up password protection for your attachments. Never send the password to your recipient in the same message! It is best if you use an alternative method of communication to give them the password. Lastly, uncheck “Do not archive files with…” because we are setting up archiving for data protection, not storage optimization. Any file, no matter the size or the format, can contain personal data.

Outlook attachments archive options

In password settings for outgoing attachments, you can either select “Ask password for…” and create one-time passwords for your recipients, or set up a default password. Data security professionals recommend to change passwords you use regularly, so remember to update it once a month, for instance, and notify your recipients.

Set password for Outlook message

Importantly, click on “Sending options…” and make sure there are no exceptions there. For the Processor to compress and protect all attachments, all boxes must be unchecked.

Sending messages archiving options in Outlook 2016

If you need different levels of protection for different recipients, you can set up multiple rules that can work in parallel with one another. To do that, click “Switch to Advanced Mode…” under Other. Despite the “all-settings-will-be-lost” warning, you will see your rule in the list and will be able to add more rules and disable or enable them.

GDPR compliant attachment in Outlook 2016

Personal data security has acquired a new urgency in a world ravaged by data leakage scandals and reputation-damaging lawsuits. Ensuring the compliance of your correspondence with the new legislation is just a small step toward meeting its comprehensive set of data-processing rules, but it is a step you can take today – in just a few mouse clicks with Attachments Processor for Outlook.

Leave a Reply

Your email address will not be published. Required fields are marked *


+ 5 = eight

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>