Email security describes the various techniques used for keeping private information sent through emails secure against unauthorised access or loss. Because email is such a commonly used form of communication, it is a popular channel for the spread of malware, spam, and phishing attacks; such as using deceptive messages to entice recipients into divulging sensitive information, opening attachments or clicking on links that install malware on your device.
Email is also a popular entry point for attackers looking to gain access to an enterprise network and breach valuable company data. Don’t wait for an attack to happen to your business, be proactive with the best practices listed below.
There’s no way around this: Information stored and sent over email is vulnerable. How can you reduce the risk of becoming the target of an attacker? Follow these best practices:
Don’t open attachments in unfamiliar emails. Email attachments are still a popular way to circulate malware – all it takes is one click, and you could download harmful spyware onto your computer or device.
Don’t click on suspicious links. If a link looks like it has come from an unfamiliar source, don’t click it. It could take you to an unspecified location and possibly download malware into your device.
Pick a strong password (and change it frequently). A strong password is crucial. A weak password is one that can be easily guessed. Make sure your password has a combination of lower- and upper-case letters, numbers and symbols, and make it unrelated to your personal life. A passphrase is a good option, as it will be easier to remember and harder to hack e.g. “trAff1cishorribl3!”
Avoid unsecure Wi-Fi. Unsecured Wi-Fi connections are open invitations to cyber-criminals. They can gain public access to the system, and view any traffic you send or receive; which basically means they have gained access to your account. Make sure your home network is secured with a strong password, and be cautious when using public Wi-Fi.
Avoid sending unnecessary personal information. Phishing involves goading a user to send personal login information (usually under the pretence of a communication from an official but familiar company). As a general rule, it’s best to avoid sending any personal information over email.
It is important to know and understand that malware sent via an email message can be very destructive. Often containing malware in attachments that are designed to look like legitimate documents or include links that lead to websites that download malware onto your device, all it takes is one click to become compromised.
Phishing attacks against businesses are very common and are often targeted at departments that handle sensitive personal or financial information, such as accounts payable or human resources. Often a sense of urgency is instilled into communications to increase the chances of success in gaining your login information, passwords, bank account numbers, and even credit card information. Some may even link to a counterfeit website that look exactly like that of a reputable business to trick victims into entering their information.
Due to the popularity of email attacks, it’s crucial that enterprises and individuals take measures to secure their email accounts against common attacks, as well as attempts at unauthorised access to accounts. Precautions include setting up a strong firewall, ensuring your antivirus is up to date and has the most recent security patches installed, and making the most of a clean mail service like the one Focus provide – Focus Clean Mail.
From the below chart, you can see the percent of Spam that we see going through our Spam filters from 10 of our clients domains. With Client 1, 98% of all email we process for them is quarantined.
Courtesy of Digital Guardian, here are some email security best practices for enterprises and individuals.
There are multiple ways to secure email accounts, and for enterprises, it’s a two-pronged approach encompassing employee education and comprehensive security protocols. Best practices for email security include:
There are also some important best practices that end users should follow to ensure secure email usage. Arming your employees with the know-how to avoid risky behaviours can make a substantial impact on your company’s ability to reduce risks associated with email. Email security best practices for end users/employees include:
By educating employees on email security and implementing the proper measures to protect email, enterprises can mitigate many of the risks that come with email usage and prevent sensitive data loss or malware infections via email.