It Services

Secure mail

INCREASED EMAIL SECURITY AT AAU - MORE SECURE TO SEND EMAILS

All emails sent from AAU will now be automatically sent with encryption during transport on the open Internet.
The transmission of data can be broadly divided into three categories:

  1. Unencrypted transmission
  2. Encryption during transport
  3. Fully encrypted transmission / encrypted content

Category 2 is handled automatically with the new security add-on.
In some cases, Category 1 or 3 transmissions may be required for external email recipients.

CATEGORY 1 – UNENCRYPTED TRANSMISSION

A few domains do not support TLS, so email with TLS cannot be sent to those domains. If an email is sent to a domain that does not support TLS, you will be notified within a day that the email could not be delivered.

This type of error only happens in a very few cases. Currently, a few per thousand of all transmissions are at risk of a delivery error.

If you experience this problem when sending email to a fixed/major partner or similar, you should contact our support since we may need to contact the recipient as they likely have a configuration error that they should be made aware of.

To opt out of using TLS, add [unsecure] in the subject line of the email that will not use TLS. Please note that this can only be done if the email does not contain confidential or sensitive information. This means you are only allowed to send unencrypted emails to external recipients when the email contains data that is classified as public.

Category 2 – Encrypted during transmission

Category 2 transmissions happen automatically. This means that all emails sent from AAU to an external recipient will be automatically encrypted during transport.
 

What may be sent as regular email?

As a rule, large portions of AAU emails can be sent directly to the recipient from your email from now on.
If you need to exchange confidential or sensitive data with an email recipient regarding the email recipient themselves, this transmission method is also allowed.

It is recommended that communication including confidential and sensitive personal data as well as CPR numbers about the recipient be sent to the recipient via ‘e-boks’ where possible. See the guidelines here.

For foreign nationals without a Danish CPR number, sending confidential and sensitive personal data can be done via email to the person's own email address. Optionally, with encryption of attachments where the encryption code is disclosed via another source, for example, in an SMS text message to the person's mobile phone.

According to the Danish Data Protection Agency, encrypted transmission is an appropriate security measure.

If the transmission contains confidential or sensitive data and personal information for anyone other than the recipient, use Category 3.

Learn more about classification of data.

 

Category 3 – Fully encrypted transmission / encrypted content

A fully encrypted transmission or a transmission with encrypted content is desirable in special cases, such as when you need to send confidential or sensitive data to an external recipient about more then 5 persons other than the recipient themselves.


Methods for fully encrypted transmission

For a fully encrypted message, we recommend that you either use e-box via Workzone or encrypt attachments. See instructions here.

If you do not have an employee certificate, it can be ordered by contacting our support.

Guide for secure mail

  • +

    How do i send secure emails to recipents outside Denmark?

    You can also send secure emails to email accounts outside Denmark. If you need to send secure emails to recipients outside Denmark, you must obtain a certificate from the recipient’s international email account.

    How to obtain a certificate from an international email account:

    Ask the user of the international mail account to log in to:

    https://service.nemid.nu/dk-en/support/search_for_certificate/

    and download your AAU certificate. See figure below.

    When they have downloaded your certificate, they must send an encrypted email to the secure email account you wish to use for your correspondence.

    When you have received this encrypted email, you can communicate via your secure email accounts.

  • +

    Answers for questions regarding correct way to send to AAU

    External senders are always responsible for ensuring that the emails they send to AAU are properly encrypted during sending.

    As a starting point, we can therefore not advise external senders on the choice of appropriate encryption.

     

    Last updated 01-06-2021 by nb@its.aau.dk