MedSecureSend: Sending Large Files Securely

If you're looking for a good way to securely send large files, use MedSecureSend (MSS). Using MSS keeps your High, Moderate, or Low Risk Information  secure while it is sent. You are encouraged to use MedSecureSend (MSS) when sending large files to individuals outside of Stanford. MSS is easy to use, and helps you avoid attachment size limits: with MedSecureSend you can send files or folders up to 100GB per transfer.

Read below to learn how to:

  • Create your own account
  • Invite a colleague to share files with you
  • Delete your files from the server.

For more assistance using MSS, read the MedSecureSend FAQ, or contact IRT Information Security Services (irt-security@lists.stanford.edu).

 

Please Note:   MSS "send" accounts expire after 30 days of inactivity.

If you have not logged in recently, if you no longer have a "Send" tab, or if you get no response from the "Forgot Password?" link, your MedSecureSend account has expired.

Simply create a new account, in order to refresh your sending privileges: From the login page (mss.stanford.edu), click on "I don't have an account yet" and follow the given instructions. You should use the same user name (your Stanford email), and can use your existing password, if you wish.

Creating Your Own Account

1.  First, go to mss.stanford.edu.

To the right, below the "Login" button, click on "I don't have an account yet."

2.  Type in your email address and click "Register."

Note: You must use an address @stanford.edu in order to create your own account. If you're a Stanford Medicine affiliate but do not have a stanford.edu email address, submit a help request.

3.  MSS needs to confirm your email address; check your email for a message from MedSecureSend, and input the included Verification code here.

4.  Next, create a password (it must be at least 6 characters long and contain at least 1 number). Type it once and then again to verify. Click "Register."

5.  On the next screen, your registration should be confirmed! Click on "OK" to continue.

(Note: For future log-ins, your user name will be your entire email address, not just your SUID.)

6.  On the way to the "Send File" screen, you may get a dialog box asking you to allow a Java applet to access your computer (the MSS interface is Java-based). Click "Allow" to continue, and you're ready to send files.

Sending Files

1.  Once logged in, you are directly presented with the "Send File" page; to start sending a file, begin here (instead of with the File Manager).

2.  To send a file, you can fill out the form just like you would an email.

TO: Enter the recipient's email address. Use commas or semicolons to separate multiple recipients, up to a maximum of 40. Add CC or BCC recipients if you wish.

SUBJECT/BODY TEXT: Give your message a subject line, and enter any email text you'd like to accompany your files.

(Note: If an intended recipient doesn't yet have a MedSecureSend account, they'll still receive your message; once they register, they'll be able to to download your files.)

3.  ATTACHMENTS: You can send files either from your own computer, OR files that you've already sent or received through MSS.

To send a file from your computer:

  1. Click "Choose File/Folder" to open the dialog box for your local system. (Large-file upload is the default; to send a file less than 2GB in size, you may choose "Use Regular Upload" if you wish.)
  2. Highlight the file you want.
  3. Click "Open" to attach the file to the email.
  4. Repeat the process if you wish to upload more files (up to 10 per message).
  5. Click on the red 'X' next to an attached file if you wish to remove it from the list.

To send a file you've already sent/received through MSS:

  1. Click "Choose from File Manager" to open a dialog box.
  2. With the popup menu, choose "My Files" for a list of files you've sent, or "Inbox" for a list of files you've received.
  3. Check the boxes of the file(s) you wish, and click "Add."
  4. Repeat the process if you wish to upload more files (up to 10 per message).
  5. Click on the red 'X' next to an attached file if you wish to remove it from the list.

4.  A progress bar will appear while your files are uploading.

When all files are completely uploaded and the message is sent, a "Sent Mail" confirmation window will appear, letting you know you're done.

When you are sure your file has been received and downloaded by the recipient(s), you can delete it from the server.

Inactive Accounts

Inactive accounts will expire after 30 days. If your account has expired and you need to use MedSecureSend again, you can re-register. Just go to http://mss.stanford.edu, click on "I don't have an account yet," and start the process over. You should use your Stanford email address as your username. You can use the same password you used for MSS before, if you remember it, or you can create a new one. (Remember: NONE of your passwords should be the same as your SUID webauth password!)

 

Inactive Recipient Accounts:
While re-registering for an account—after you click through your confirmation email—you MAY be presented with a page that already has your email address embedded in it, and a box below it for you to fill in your password. In this case, the yellow box tells you to enter your previous password to continue:

This means your previous account was a Recipient account, and you were originally "invited" into the system by someone else. Don't worry: if you remember the password you used before, you can enter it here. If you forgot it, just click on the "Forgot password?" link, and follow the instructions to set a new one.

Inviting a Colleague

If you send a MedSecureSend message to someone who doesn't yet have an MSS account, that person will still receive your message, and be prompted to create an account and download the file. If that message is sent to a Stanford email address, that newly-created account will be a standard user account, and they can continue to send and receive files. BUT, if you need to send files to someone without an SUID, you have two options.

Option 1: You can send an MSS message to anyone, and they will receive an email with a link to create an account and download your file.

However, without an SUID, their home screen will always look like the image at right—they only have one screen: Download Files. There is no option to send; they can only receive files from others. (MedSecureSend defines this type of user as a Recipient.)

Option 2: To allow a colleague without an SUID to send their files to you, you can invite them to create an MSS account. (If you have so many collaborators that it would be inconvenient to invite them all, see the third option: envelopes.)

From your "Send File" screen, click the "Invite User" button in the top right corner, and enter the email address of your invitee. He or she will receive an email with an invitation link, leading them through the process of creating their own account.

(The invitation will expire in 5 days; if time runs out, you can just resend it.)

Your invitee can now send files to anyone already registered with an MSS account—but if they try to send files to someone without an account, they will receive an error message.

This ensures that access to MSS remains restricted, while still allowing you to share with your colleagues outside Stanford.

Envelopes

If you have a large number of colleagues from whom you need to receive files, there is an alternative to sending out a lot of separate invites: you can set up an envelope. The concept is similar to a self-addressed stamped envelope: you give it to someone, and he or she only needs to fill it and send it, and it'll reach your in-box. They don't even need to create their own account, so the sender can be someone with or without an SUID.

To create an envelope, you must first create your own MSS account. Then, submit a help request specifying that you'd like to set up an envelope for MSS. Someone at IRT Information Security Services will work with you to complete the process, and when finished, you will receive a custom URL that points to your envelope. You can give the URL to anyone who needs to send you a file, and you will receive an email with a link to download it, just like a regular MSS message.

(In order to continue to receive files through an envelope, you should make sure your account remains active. Accounts expire after 30 days of inactivity, so make sure to log in occasionally..)

Deleting Files

Once you send a file, it remains on the server for 30 days; however, once the recipient has successfully received and downloaded the file, you can remove it from the server yourself.

1.  Log in at mss.stanford.edu.

Click on the "File Manager" tab at the top left. In the left-hand sidebar of the File Manger, you can choose to view MSS messages you've sent and received, as well as a list of just the files attached to those messages.

2.  To delete a file from the MSS server, go to the "Files" section, where you can view all the files you've sent and received. You can delete files one of two ways:

  • Click the checkbox to the left of the file name, and then click the "Delete" button above.
  • Click the red 'X' to the right of the filename.

3.  When you've chosen to delete a file, a confirmation dialog box appears. Make sure you've got the right file name, and then click "delete" to finish removing your file.

4.  Once you've clicked "delete," you will be returned to your list of files, and the deleted filename should no longer appear. It is now removed from the MSS server, and recipients can no longer re-download it, unless you send it again.

QUICK LINKS

Menu