Posted On 21 Jan 2020
Cyber-attacks are becoming ever more prevalent, with attacks on small companies doubling in the last year and an average loss of $188,000 for each company attacked. Email is one of the prime entry points for hackers to get your confidential information and resources. Below are four tips that can help you ensure you keep your email secure.
Email encryption: if you use email encryption, only those people you want to have access to your emails can read them. There are a number of ways of encrypting emails; you can install plug-ins on your current email setup, install email certificates such as PGP so that employees can give senders a public key that will encrypt their email and a private one to decrypt it, or you can subscribe to an encrypted email service.
Secure passwords: every employee should have a unique password for the computer and email. They should be changed at a minimum every three months, and you should consider installing multifactor authentication when changes are made. A strong password will be at least 12 characters combining upper and lowercase letters, symbols, and numbers. Easily discoverable personal information should not be part of a password, nor should basic forms like “123456” or “password” be used. A password manager can generate passwords for different accounts that can be accessed with a single password, avoiding the problem of making sure a separate password is used on every application that requires them. Software is also available that can alert you to any breaches of email security.
Employee training: a huge number of data breaches are caused by the fact that employees are properly trained in secure email behavior and how to avoid attacks. They should be trained to: ignore attachments and links from people they don’t know; ignore any email that requests personal information or password changes; make sure antivirus software is installed and up-to-date on that computer; use encryption for any sensitive emails; not use their work email for personal communications; and don’t automatically forward any emails out of the company system. Some companies like to test their workers with potentially threatening emails, rewarding them if they follow the correct procedures.
Keep devices secure: on any device, company or personal, used to send work-related emails, employees should use encryption, password protect their device, and use security apps that prevent hackers accessing data through Wi-Fi networks. If you are providing devices for your employees, choose models that can allow you to manage the device easily and wipe off company data as appropriate.