No Email is Completely Secure

May 29, 2019

Sharing documents with clients, opposing firms, and others as email attachments could be exposing you and your firm to undue risk.

Risky Email

In the first part of our series, we discussed the dangers of insecure document sharing and described the drivers behind the use of email. In this installment, we drill down into the risks inherent in document sharing through email, and why the measures firms take to protect confidential emails may not be as secure as you think.


No Email is Completely Secure

Email makes document sharing easy. No need to wait for a courier. All you need to do to share a document with a client, opposing firm, or third party is specify the recipient, attach your document, and press “send”.1

Whether you know it or not, this process exposes you to all kinds of risks, from “bad actors” to human error. Yet, nearly 90 percent of firms surveyed said their firms use email to collaborate with clients or third parties on matters, with almost 75 percent using it daily.2


Five Common Email Risks


Email can expose your confidential information even when you take measures to protect it. The most common risks? Emails can be:

1. Intercepted and read at routers, internet service providers, or IT departments
2. Inadvertently sent to the wrong person
3. Forwarded to an unauthorized recipient
4. Printed and then read by an unauthorized recipient
5. Lost in a spam filter3

In the worst case, your emails may be the target of malicious hackers seeking to profit from your clients’ data. No email platform is completely immune to security breaches, and just one compromised inbox could put an entire firm’s data at risk. In a survey of IT professionals, 71% believed they had likely experienced a theft or loss of email attachments.3


Why Risk Reduction Measures Aren’t Enough


There are measures you can take to reduce risk, but they aren’t foolproof. Encryption won’t protect against copying, forwarding, or downloading once the message has been decrypted. Confidentiality statements are no better. As licensed attorney Christopher T. Anderson states, “confidences, once let into an unsafe ether, are put at risk, and no ‘confidentiality statement’ can mitigate that.”2

In our next installment, we cover two more common document sharing methods: thumb drives and consumer file sharing services. We’ll wrap up our series with a post covering solutions to the security gaps in typical document sharing approaches.



Michael Sauber Head Shot - smallAbout Michael Sauber
Michael Sauber leads the marketing program for Korbitec, producer of Automated Civil Litigation Software (ACL). He has worked with document production technologies and professional services for over 30 years and is a frequent blogger on these topics.



1  Fox-Mills, Alexis. The importance of secure file sharing for law firms. workshare.com. February 1, 2017.
2  File-Sharing in the Legal Industry. LexisNexis. 2014.
3  Christopher T. Anderson and Dan Barahona. When “secure enough” isn’t enough: A Law Firm Guide to Protecting the Confidentiality of Shared Client Files. LexisNexis. January 8, 2018.