Scenario: Forwarding confidential information via email

General tips

Forward only to recipients you know

Forward confidential data only to recipients you trust:

• Known recipients
• Recipients with @tum.de, @mytum.de and @zv.tum.de addresses or school/department abbreviations that end in "tum.de."
• Digitally-signed emails are also considered trustworthy (learn more here about how certificates can help)

Never forward to personal addresses

Never forward confidential data to private addresses belonging to your colleagues. Every member of TUM can set up an @tum.de address and use it from anywhere in the world through the web frontend (mail.tum.de).

Never forward work emails

As a recipient: never forward your work emails to a private account. If you need access from home or a location other than your workplace, you can access the data via the web frontend (see above). Forwarding data to external mail providers such as GMX, Web.de and Google violates the privacy senders expect when sending an email to a TUM address.

Practical tips

Several options are available for forwarding emails with confidential data, depending on the level of security required:

• Forward an encrypted email: At the LRZ website you can find instructions for sending encrypted emails with Outlook.

• Compress the confidential data in a password-protected ZIP file. Tips and instructions are available under Instructions > Data encryption.

• Forwarding emails without protection: Please keep in mind that the data can be read more or less like a postcard!

• For TUM email systems: If the email does not leave the server, you can assume it's secure. The assumption, in this case, is that TUM has undertaken adequate security measures on the server.
  If an email is forwarded from x@zv.tum.de to y@zv.tum.de (in other words, when the part of the address after @ is identical), you can assume it's secure.

Suitable methods

The following table shows which process is suitable according to how the data is classified: