Cybercrime and data theft are two very big areas of concern that pose threats to businesses in 2018. Most companies spend a large amount of their budget trying to mitigate these concerns. There are hundreds, if not thousands, of different threats out there at any given time that could pose a concern to your business practices and could also severely damage your brand reputation. There have been numerous cases recently where large companies have had data breaches and precious client data was taken and exposed, presenting many problems.
Many of these data breaches happen due to poor email security practices. That’s why there is such a need to train employees, so they are armed against data breaches and phishing scams. Phishing scams are defined as “a form of fraud in which an attacker masquerades as a reputable entity or person in email or other communication channels.
The attacker uses phishing emails to distribute malicious links or attachments that can perform a variety of functions, including the extraction of login credentials or account information from victims.” Modifying user behaviour is one of the biggest ways that companies can reduce susceptibility to cybercrime and data theft.
In this blog post, we’ll highlight six important email security best practices:
1. Passwords
This might sound straightforward, but having a strong, secure password is one of the major lines of defence you can take against cybercrime. An employer must put strict password guidelines for employees in effect. A secure password is almost impossible to guess. The only way someone can hack into your system is by using sophisticated “password-guessing” software. This software runs through millions of possible combinations until it eventually lands on the correct password.
Here are some valuable e-mail security best practices to keep in mind when creating a strong, secure password:
- Use a combination of random numbers, letters and special characters
- Use both upper- and lower-case letters
- Do not use your birthday, hometown, pet’s name, child’s name, university, workplace or anything else that someone can easily guess
- Do not use common number and letter combinations like “abc123”
2. Be Mindful of Phishing Emails
Companies are responsible for having email security features enabled and for using IT solutions that help prevent phishing emails in the first place. But educating employees on what these emails look like if they happen to get through, is equally important. These emails usually contain a link to a known website.
Once you click the link, you’ll find yourself looking at a website that seems familiar to you (but is fake). You then enter your email and password (in an effort to login) and your information is subsequently stolen. It can happen just like that so be mindful and weary any time you receive an email like this. If you’re unsure, it’s best to report it as a possible phishing email and let the experts handle it.
3. Two-Tier Authentication
As part of your e-mail security best practices, try to set up the two-tier authentication on all your devices. The two-tier authentication provides an extra layer of protection for your files and emails. Someone can have your password, but with two-tier authentication, they still require a unique code to access anything. If you’ve ever used this before, you’ll know that you usually get this code sent to your phone, making it difficult for anyone to access it.
4. Monitor Incoming Attachments
The best way to do this is to install an anti-virus and anti-malware email security software on all employees’ computers to scan all emails and spam filters. With this in place, employees will get a notification before opening the email, alerting them to the potential threat. They can then act against opening the attachments before potentially installing something malicious.
5. Avoid Public Wi-Fi
While this is something most employees do at some point, it’s best to avoid connecting to public wi-fi using your company laptop. It’s very easy for hackers to break into your system when you use public Wi-Fi. Hackers can use numerous “open-source packet sniffers” on wired or wireless Ethernet networks.
Packet sniffers work by “intercepting and logging network traffic that they can ‘see’ via the wired or wireless network interface that the packet sniffing software has access to on its host computer”. Even if you don’t open your email while on public Wi-Fi, a hacker can still access it. As much as you can, it’s best to just avoid public Wi-Fi.
6. Spam Filters
Spam filters have become quite sophisticated and are another great way to weed out potential threats. Make sure your spam filter is turned on. Some emails will automatically be placed into your spam filter, so you don’t even need to deal with them. Another advantage of using your spam folder is that you can alter the settings to include specific keywords. If you frequently get phishing emails and have noticed a common keyword, you can input that keyword and block these emails in the future.
We hope these six email best practices will keep your emails safe moving forward. Remember, education is the best defence against cybercriminals.
