Best practice to send secure information over e-mail?

emailSecurity

I have to send sensitive information (name, address, social security number etc.) collected from a website, that has been entered by a user, to an e-mail address.

What is the best course of action to make the information secure and easy to extract on the receiver side?

Edit: I will be using ASP.NET for the website, not sure what it has for capabilities on this matter.

Edit: If I decide to store the information in a database and just send a mail when a new entry has been made, would this be better? And create some secure way to dump the information instead.

Best Answer

The best course of action would be to run the other way, fast. Redesign your application so that it doesn't enable identity theft.

You can use S/MIME or PGP to send secure email to most non-Web email clients, but it takes a lot of set up either way: the recipient has to have a certificate, and you have to get the right certificate for each recipient.


As an example of a better design, consider one where the recipient is mailed a notification, and then returns to the web site to view the information after authenticating securely over SSL.

While it helps to reduce the complexity of the system needed by the recipient, the bigger win is that it strengthens control over the distribution and retention of the sensitive information, and aids in auditing the access to that information. Sending someone an email makes it that much easier for them to store it unsafely, forever, or forward it to unauthorized recipients.