Is Your Company Email Secure?
Email is a very important tool that every business uses to communicate. Business owners depend on it to talk with their internal team, clients, and vendors. Because company email typically contain confidential and proprietary information, they are very attractive to cyber criminals. Is your company email secure?
When you send a company email over the internet, it is just like sending a postcard in the mail. Anyone can intercept it during its journey. However, it is possible to increase the security of your business email with a few steps.
- Create a Strong Password: This might be the most obvious but it is important to have a strong password. We encourage our clients that use a passphrase and 2 Key Authentication. This is a great first line of defense to secure your email.
- Use Email and Server Encryption: If you send an email without making sure that it is encrypted, it can be intercepted and read by hackers. Make sure you are using an email encryption software and that the connection from you server is encrypted as well. Having several layers of security will help keep you safe.
- Verify the Sender: One of the easiest ways to ensure your emails are safe and secure is to make sure you know who the email is coming from. If the sender looks suspicious in any way, don’t open it.
- Use a Secure Email Service: The experts advise caution when using Web-based e-mail accounts because they are regularly targeted by criminals. I am sure everyone at one point or another have received a spam email from someone we know because their account was hacked. If you are using a Web-based browser, you need to ensure the connection is encrypted with Secure Sockets Layer (SSL) protection. Check for https instead of http in the Web address. If you see https, you will know you are using SSL encryption.
- Educate employees. The best security technology in the world can’t protect one of the main sources of risk for your business, human curiosity. It’s not just a matter of securing outgoing e-mail; your company’s data can be at risk with incoming mail as well. Not only is there a rise in malicious spam, there’s an evolution in delivery methods. The malware that will compromise your network is not in the e-mail, so the e-mail slips past security gateways. The malware is delivered when the curious recipient clicks on the URL in the e-mail to visit a website. Educate your employees during end user training so they know what these suspicious emails look like and how to respond to them.
- Update software. More times than not, most businesses set up their emails and then leave them. Stay on top of your e-mail server software. Understanding vulnerabilities and religiously installing updates and patches is critical. Expired software can also leave you vulnerable to an attack. Scan e-mail for content. It is important to find a software product that will filter for content such as inappropriate language and images, both incoming to provide a professional work environment and outgoing to protect your company’s reputation. Content can also be scanned for information you don’t want sent externally, such as social security numbers and credit card account data. At Protek, we like to use Mimecast. They have been a great partner in an effort to keep our clients safe.
- Vet your vendor. Chances are you’ll turn to a third party for e-mail security. Talk to your IT professional and see what they recommend you use for a service.
For most small businesses, simply taking the time to question and to evaluate your business email security is a great place to start in protecting your business from spam and cyber criminals. If you need more information about keeping your business email safe, contact Protek today.
[button link=”[email protected]” type=”big”] Call Protek TODAY – 801.290.0388[/button]
Eric is the owner and CEO of Protek Support and is a CISSP (Certified Information Systems Security Professional). He graduated from Utah State University with a Bachelors of Science degree in Business with an emphasis in Information Technology (IT). He is an IT Services expert in a variety of technology related fields. Some of these fields include document management software/hardware, enterprise level networking and VoIP phone systems, as well as large scale software implementation projects and the setup of small business networks.