Featured Article: Tracking What Happens To Attachments After They’re Sent

In this article, we look at how there are several risks and challenges associated with sending email attachments, how businesses can track emails, and about a new product that could allow greater visibility and control of what happens to email attachments after they’ve been sent. 

What Happens When Emails With Attachments Are Sent? 

Modern email systems use the MIME standard (developed by Nathaniel Borenstein and Ned Freed) which was officially released in 1996. This allows an email message and its attachments to be sent all in one single multipart message, which uses base64 to convert binary into 7-bit ASCII text, full 8-bit support via the 8BITMIME extension. This standard means that email messages with attachments can be sent in a more utilitarian and seamless way. A message passes through several mail transfer agents along the way to the recipient with the message being stored by each one before its forwarded on.   

Fears And Challenges Relating To Sending Email Attachments 

Although the sending of email attachments is a long established and effective way of sharing files, for businesses especially, there are fears and challenges associated with it, especially where commercially sensitive attachments are concerned. For example, these include: 

– Sending an email attachment generally means that its complete journey and events along the way aren’t invisible (can’t be tracked or monitored) and are beyond the control of the sender, e.g. the sender can’t see who has seen it and can’t revoke access to certain unintended, unfavourable recipients.  

– Unless asking for ‘read receipt’, it is not easy to know or prove who read an email (and when). Emails sent from some marketing platforms, e.g. Mailchimp, do provide some information about who has read an email sent via that platform such as the recipient’s email address and how many times the email was opened. Again, however, this email could be forwarded and the events along the way remain invisible. 

– There is usually no way of knowing exactly how each recipient has interacted with an attached file. 

– Attachments are often used to send malicious programs (malware) and, as a potential security risk, are often viewed with suspicion and may be filtered out by spam filters. 

– Some users may choose to send attachments via other routes that may be viewed as being secure in the first place (e.g. WhatsApp), but this still means that a sensitive attachment’s route after that can’t be monitored. The attachment could still end up in the wrong hands and can’t be revoked. 

Email Tracking Apps 

Using email tracking apps / software tools is one way to track what happens when emails are received and are particularly popular with email marketers. Examples of email tracking apps and tools include: 

– Right Inbox (a paid-for Google Chrome extension). This tracks who reads and clicks on (Gmail) emails, how many times. 

– SalesHandy (free). This provides desktop notifications for every email opened and link clicked. 

– Mailtrack (Gmail extension – free and paid-for versions). This offers engagement information, a dashboard to view tracked emails, works on mobile. 

However, this still leaves the challenge of what to do about tracking and controlling what happens with potentially sensitive attachments. 

Sending Secure Links 

Some users may choose apps that allows them to send secure file links (rather than attachments) so that link properties can be changed as needed and control of documents can be retained. This can be faster (on upload/download time), more security measures can be added, and it can enable tracking, for example, the CloudFiles secure file sharing and tracking app. 

Document GPS 

A possible solution may be ShelterZoom’s Document GPS, available as an extension in Google’s Chrome web store.  Announced as being the first Gmail document tokenization tool on the market, Document GPS appears able to address many of the issues and fears around what happens to email attachments after they’ve been sent. The extension uses blockchain, the same technology behind cryptocurrencies which has been described as being like an ‘incorruptible spreadsheet’. Using this technology, the extension allows the user to monitor and control email attachments and manage their entire journey. The sender can see who downloaded the file, who opened it (via a timestamped log), and who forwarded it. Another important feature of Document GPS is that the sender can revoke a recipient’s ability to download or share the attachments at any time, even after the email has been sent. This addresses the risk of attachments falling into the wrong hands and presenting a commercial risk, e.g. a competitor downloading it.  

Its makers say that the extension can make the full lifecycle of a document’s (email attachment’s)  journey secure and that they plan to release a similar tool for Microsoft Outlook users later this year. 

What Does This Mean For Your Business? 

Retaining control over security in the digital world requires many different tools and technologies. As well as email being a place where many threats can arrive, e.g. phishing emails and malware, it can also be a way to create risk and threats through a lack of visibility and control over what happens to attachments. New developments such as the Document GPS extension, and the power of its underlying blockchain technology could represent a way for businesses to gain new insights and control, thereby improving security and maintaining completive advantages. Blockchain is proving to be a technology that has multiple applications in many industries where precise tracking and audit trails are needed.