Agilewords Blog

5 Risks When Sending Legal Documents By Email

If you had to post a highly confidential business document, would you send it in the regular mail or with a courier? My guess is the courier and it’s not because it gets there faster.

There’s a reason the courier, for example UPS, asks you to sign before they give you the package. It ensures that its delivered it to the correct address, is tracked in their system, and most importantly that it gets to the right person.

Now, how about if you were sending the document by email. Would you send it with Microsoft Outlook, Hotmail, Gmail or have it ‘couriered’ with a secure web application?

5 Risks when Emailing Business Documents

We’re all creatures of habit. Most of us grew up with email and used it to send documents back and forth for document reviews.

However, as the business landscape changed, so too did the demands on companies to support remote offices and international clients. Emailing documents to business partners in the UK, who then forwarded it to clients in Dubai… it’s fine for low level communications but what happens when the documents are highly confidential?

Sending business documents by email poses several risks:

  1. Traceability – It’s hard to determine where each email goes after it lands in the receiver’s inbox. Maybe he shares it with another colleague or maybe with a rival firm. From your desk, it’s hard to tell. Document Collaboration tools show you when, who and where text was changed seconds after the document was altered.
  2. Security – The unsecure nature of email transmissions means that it is relatively simple for others to intercept, monitor, and tamper with documents. In Agilewords, we offer server-side encryption of the document.
  3. Receipt – Depending on the email software you use, it’s also hard to tell if your colleague actually received the email. You can ask for a ‘confirmation’ to be sent back but some users turn this feature off. Other don’t know how to use it or simply won’t use it.
  4. Viruses – Every time you share a business document by email, for example a legal contract, there is a risk that the response may contain a virus, Trojan horse, or malware. While your corporate firewall may catch most of these, all it takes is one to get through to do the damage.
  5. Mobility – The popularity of memory sticks and USB drives means that documents are easily shared ‘offline’ as well. These ‘mobile’ documents can be read outside of corporate firewalls and shared without your permission whereas with Agilewords the actual file is never shared.

Email may be the most convenient tool for sharing documents but it is also the most risky.

So, what’s the alternative?

Using Document Collaboration Software to Send Business Documents

If we go back to the courier analogy, one of the advantages they offer is greater ownership of the document as it makes its way across the country.

They act as the intermediate and protect your document en route. So, why not do this online?

When we developed Agilewords, one of our goals was to give users the piece of mine that their documents were secured. Furthermore, that there would be a single master copy and only authorized individuals could read the material.

Agilewords reduces the risks posed by email in the following ways:

  1. Traceability – It tells you, the Document Owner, of every change to the master document. Agilewords sends you notifications showing who and where each document was edited.
  2. Security – Documents are uploaded to the system via secure web pages. Document reviews are also performed over a secure connection, thus reducing any tampering or listening from unauthorized parties.
  3. Receipt – When you send a document for review, you can ask the reviewer to confirm they have received it and, as the review cycle comes to a close, send them a reminder to complete it on time.
  4. Virus – As Agilewords is web-based there are no risks with viruses, Trojan horses, or malware. In addition, there is no installation required thus reducing maintenance and license costs.
  5. Mobility – The master copy is retained online and shared with authorized individuals only.


If your business sends and receives confidential documents by email, I’d suggest looking at alternative tools that protect your business assets and also ensure that your credibility will not be undermined should a client’s email be intercepted.

Proven technologies, such as Agilewords, provide a secure document collaboration system that reduces the risks associated with email. Want to learn more? Please Take The Tour here.

  • Agilewords 101: Review a document and post feedback

    Agilewords 101: Review a document and post feedback Watch this video

  • Agilewords 101: Make online edits and track document changes

    Agilewords 101: Make online edits and track document changes Watch this video

  • Agilewords 101: Invite collaborators to review a document

    Agilewords 101: Invite collaborators to review a document Watch this video

  • Thomas


    Possible solutions to each point:

    1) Tracability: Asymmetric encryption prevents anyone from handling the email unless the sender intended them to be able to decrypt it

    2) Security: Again encryption, either Symmetric or Asymmetric can be used here

    3) Receipt: The is more complex than you'd assume at first glance. If you do receive confirmation, how can you actually verify that the receipt that you receive is actually from your college and not spoofed? @Michael's suggestion of signing emails is relevant here and can help verify confirmation emails (and submitting the emails in the first place)

    4) Viruses: Never open files unless you know where they came from, you trust the sender and you can verify the sender. Again, @Michael's suggestion of signing emails helps here as tampering with signed emails is close to impossible (say, impossible enough), however can you prevent the infected computer of a trusted college from sending you a copy of a virus? I guess the answer cannot be found in email..

    I'd suggest using a digital asset protection system, like the one my company offers. We can offer two-form authentication which prevents viruses using key loggers or session hijacking techniques to send you virus infested files through our system.

    Which ever way you decide, it doesn't hurt to manually run the file they sent you through a virus scanner before you run the file, or even better, use a webmail system (similar to Hushmail, Gmail, Hotmail or Yahoo! Mail) which scans files for viruses before you even have them on your local network/computer.

    5) Mobility: Asymmetric allows you to transport files in a way that can't be opened without a private key which live on your home and office computers.

    I'd be happy to discuss ways of securing your digital assets further with any company who wishes to review their security protocols and practises.


Leave a Reply