You are right, according to the standard, section 4.2 clearly states "Never send unencrypted PANs by email"
Winzip may not provide the most reliable encryption. Besides, its best not to restrict yourself to encryption of attachments. As the others rightly pointed out, some options are S/MIME, OpenPGP.
These are not present in all email clients, however, Thunderbird and Outlook by default come with the functionality.
One very good resource that might help you make a choice is NIST guidelines on Email Security
http://csrc.nist.gov/publications/nistpubs/800-45-version2/SP800-45v2.pd
f
It would be great if you shared your choice and the reasoning behind the same once you've made up your mind.
You are right, according to the standard, section 4.2 clearly states "Never send unencrypted PANs by email"
Winzip may not provide the most reliable encryption. Besides, its best not to restrict yourself to encryption of attachments. As the others rightly pointed out, some options are S/MIME, OpenPGP.
These are not present in all email clients, however, Thunderbird and Outlook by default come with the functionality.
One very good resource that might help you make a choice is NIST guidelines on Email Security
http://csrc.nist.gov/publications/nistpubs/800-45-version2/SP800-45v2.pd
f
It would be great if you shared your choice and the reasoning behind the same once you've made up your mind.
HTH,
Khushbu Jithra
Practice Lead | Audits and Compliance
NII Consulting | Web: www.niiconsulting.com
[ reply ]