I am working with a client that needs to send Excel files with a lot of personal data, to many B2B suppliers regularly.
The B2B suppliers have the right to see the data etc. The problem is about transporting the data. GDPR makes this more complex but taking into account how you can deliver a solution that is not over-complicated for the sender or receiver of the data.
We need to consider that the delivery method itself is secure, that the person who gets the file is who they say they are and the Excel file itself is secured. Once the Excel file has been used, to confirm its removal in some way.
You could add a password to the Excel and then email the password and file to person. However, that's not very secure as a password is in email so you could accidentally email the wrong person. Also, very easy to hack excel security etc.
Maybe send the password via SMS – as 2FA approach. However, means keeping a database of people receiving the file who could be an individual in a large company who moves around, phone numbers change. Very hard to keep track of many people in many companies all with secure delivery.
You could encrypt the Excel file with PGP, assumes the person at the other end has PHP to decrypt etc. Same problems as above with how to get the password – SMS, Email, POST?
Any other options?
Any SaaS solutions out there that do this?
Many thanks
The link below to Cisco might be an option - looking I guess for enterprise style solutions.