Emailing PII and Sensitive Data

Much of the information we send in emails across the NDU network requires protection. Digital signatures and encryption are email tools we use to maintain the confidentiality, authentication, and integrity of this information. Knowing how to use these tools, when they are needed, and how to resolve issues that may arise helps NDU faculty, staff and students to better protect their own information and NDU’s network.

NDU supports encrypting and digitally signing email using Microsoft Outlook 2010 and a DoD-issued Common Access Card (CAC). Use of an email client other than Outlook does not obviate the requirement that you encrypt and digitally sign email containing privacy sensitive information. 

DoD policy requires digital signatures and/or encryption for the following:

Examples of Email that Must be Digitally Signed Examples of Email that Must be Digitally Signed AND Encrypted
  • Messages containing formal direction to government employees or contractors;
  • Messages stipulating an official NDU position;
  • Messages that commit to, authorize or deny the use of funds; and,
  • Messages that contain an embedded hyperlink or attachment, as these are often used to conceal malware or viruses.
  • Controlled Unclassified Information (CUI)
  • For Official Use Only (FOUO)
  • Personally Identifiable Information (PII) – Examples include social security numbers (SSNs), alien registration numbers, biometric identifiers, and financial account numbers.
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Proprietary Data
  • Contracting Data

 

Emails, CACs and Public/Private Keys

NDU's Privacy Program 

NDU's Privacy Program provides information on the following topics:

A CAC contains one or more sets of public/private cryptographic key pairs that are uniquely associated with the identity of the person to whom the card was issued. These two keys are used to assure non-repudiationintegrity,and confidentiality

  • Non-repudiation and Integrity: A private key stored in a PKI certificate on your CAC is used when you digitally sign an outgoing email. The corresponding public key associated with that private key is delivered to the recipient in the email you send. The recipient then uses your public key to verify your identity (non-repudiation) and that the email has not been altered in transit (integrity).  
  • Confidentiality: Encrypting an outgoing email requires the use of the intended recipient’s public key from a PKI certificate previously sent to you by the intended recipient. The only key that will decrypt your email is the private key that corresponds to the recipient’s public key. This is how message confidentiality is maintained: no-one but the recipient has the private key that can decrypt it. This means that -- in order to send an encrypted email to someone -- you must first have received a digitally signed email from that person.

Digital signatures confirm that the message comes from the sender who signed the message, and that it has not been altered at any point during transmission. Digital signatures also ensure that the sender cannot deny sending the message, since it required access to the private key on their CAC. You may choose to digitally sign all of your email messages by default, using an Outlook setting, or you may choose to turn your digital signature on and off depending upon the content of the email you are sending.

Email encryption protects information confidentiality by ensuring that no one but the intended recipient can read it. When you encrypt an email message, you rely on your ability to access the recipient's public key, usually from within a directory or access list, or from a previously received email from which you added the recipient to your contact list. When the recipient receives and decrypts your email, they use their private key , which resides on their common access card (CAC). Likewise, your own public key resides on your CAC. Public keys can be transmitted between users via emails that are digitally signed using CAC certificates.

In addition, encrypted emails containing privacy sensitive information must be appropriately labeled as follows:  

  • Include the subject line: "FOUO: PRIVACY SENSITIVE."
  • Include the attachment file name (if any): "FOUO: PRIVACY SENSITIVE."
  • Include in the body of both the email and the attachment (if any): "FOUO: PRIVACY SENSITIVE.  Any misuse or unauthorized disclosure may result in both criminal and civil penalties." 

The ability to encrypt email does NOT enable users to send classified information over unclassified systems. Doing so constitutes a classified messaging incident (CMI) that must be reported to DoD’s Privacy Manager, and which may result in disciplinary action against the violator.

Digital Signature and Encryption Controls in MS Outlook

Receiving Digitally Signed Email Messages

When you receive a digitally signed email message, a red ribbon appears next to the subject line of the email in your inbox. Once the email is open, the signer’s name appears after “Signed By” in the header of the message, and a red ribbon will appear in the far right corner of the message. Open in the normal manner.


Receiving Encrypted Email Messages

When you receive an encrypted email message, a padlock appears next to the subject line of the email in your inbox. A gold padlock will appear in the far right corner of the message. When you open the email, you may be prompted to enter your CAC PIN. If the email was sent without access to your current public key, you will not be able to open the email.


Sending Digitally Signed or Encrypted Email Messages

NDU recommends that you toggle your digital signature and encryption options on and off depending upon the type of information you are sending via email message, although it is also acceptable to enable your digital signature for all outgoing email (See “MS Outlook Settings,” below).

To toggle ON or OFF a digital signature or encryption in MS Outlook, open a “New Email,” click on the “File” tab, and then click on the “Options” tab. You can choose to “Encrypt” or “Sign” this email without affecting the settings for other outgoing email.


MS Outlook Settings

NDU highly recommends that you DO NOT modify your MS Outlook settings to encrypt contents and attachments for ALL outgoing messages, as this may prevent many of your email recipients from opening your email. Encryption works best when the sender and receiver have previously communicated with each other via digitally signed emails, and when both choose and agree to exchange unclassified information that requires encryption.

To modify your MS Outlook settings to digitally sign all outgoing email, click on the “File” tab from your Inbox, and then on “Options” in the left tool bar.


In the “Outlook Options” dialog box that opens, click on “Trust Center” in the left tool bar, and then on “Trust Center Settings.”


In the “Trust Center” dialog box that opens, click on “E-mail Security” in the left tool bar, and then click “Add digital signature to outgoing messages.”


Encryption Troubleshooting

If you need to exchange an encrypted email with someone using a private, non-NDU or non-DoD email address, that person will need to ensure that their email program is configured to send and receive signed and encrypted email messages. DISA offers instructions for the most widely used email programs at https://iase.disa.mil/pki-pke/Pages/email.aspx, and for specific mobile devices at https://iase.disa.mil/pki-pke/Pages/mobile.aspx

A common issue preventing the use of encrypted email is that the sender may not have the recipient’s public key (preventing the recipient from opening the encrypted email). The NDU global address list (GAL) may not contain the recipient's public key, or the recipient may exist outside of NDU. 

If you aren’t sure whether you have the recipient’s public key:

  1. Open a digitally signed message from the recipient;
  2. Right-click the sender's name in the “From” field; and,
  3. Select “Add to Outlook Contacts.”
CAC-enabled email senders can also retrieve an NDU or DoD recipient's email address and public key from DISA’s DoD Global Directory Service. The service opens an email window and automatically provides the recipient’s public encryption key for the sender’s use.  

Reporting the Spillage of Privacy Sensitive Information

The transmission of unencrypted information requiring encryption must be reported to the NDU Senior Agency Official for Privacy who will process the report according to the guidelines of the DoD Privacy Program. See "PII Breach Reporting," on the NDU Privacy Program site.