8 Essential Email Security Practices for You and Your Business

At HubWise Technology, our customer’s will interact with our helpdesk on a regular basis.  We expect our technicians to respond quickly to our customer’s day-to-day needs, and fix any issue’s rapidly.  We believe in the importance of these interactions, and our technician’s ability to diagnosis and fix issues to ensure technology is enabling success for our customer’s. But, securing our customer’s data is our most important job.  New threats emerge rapidly, and we use a multi-tiered and layered security approach to protecting against malicious actors. Email security is one of the layers that we use, and we are constantly working towards staying in front of the newest threats.  

Email has become an integral part of our daily communication, and it has also become a significant target for cyber attackers. Securing your companies email is crucial to ensuring the protection of the data that your company holds. Many emails contain sensitive and confidential information, including financial details, personal information, and business strategies. It is not only the information that is stored within individual emails, but how they can be used to gather information, and gain access to all of your data.  Therefore, it is essential to have the best security practices deployed to protect yourself and your organization from cyber threats. 

1.         Use strong passwords: A strong password is the first line of defense against cyber-attacks. Make sure to use a complex password with a combination of upper- and lower-case letters, numbers, and symbols. Avoid using common words or personal information such as your name, date of birth, or pet’s name. Put silos around your passwords, do not intermingle professional and personal passwords. Password management software can be deployed to give each employee a private, and encrypted vault to store passwords and logins.

2.         Enable two-factor authentication: Two-factor authentication (2FA) or multi-factor authentication (MFA) is a security feature that adds an extra layer of protection to your email account. With 2FA, you will need to provide a password and a verification code sent to your mobile phone or another trusted device to access your account. This is a simple to deploy strategy decreases risk exponentially.

3.         Keep your software and hardware up to date: Make sure your email client, anti-virus, and anti-spam software are up to date with the latest security patches. Cyber attackers often exploit vulnerabilities in software to gain unauthorized access to email accounts. While having to restart your computer mid-day can be frustrating, it may not be a new feature that you are delaying, but a known security hole.

4.         Be cautious of phishing emails: Phishing emails are designed to trick you into revealing sensitive information such as login credentials or personal information. Be wary of emails that ask you to click on links or provide personal information. Typically, a “good” phishing email prompts you to act quickly, don’t. Always verify the authenticity of the email sender before responding, carefully check the email address and pick up the phone if you are not sure.

5.         Use encryption: Encryption is the process of converting plain text into an unreadable format to protect sensitive information. Consider using an email service that supports encryption to protect your emails from unauthorized access. The best email protection security, will scan your outgoing email, and automatically encrypt if there are credit card numbers, social security numbers, etc.  This is a great backstop, but if you are sending an email that can’t or should not be read by anyone other than the intended recipient, use encryption. 

6.         Use a VPN: A virtual private network (VPN) provides an encrypted tunnel for your internet traffic, making it more difficult for cyber attackers to intercept your email communication. If you must use a public Wi-Fi or unsecured network, consider using a VPN when accessing your email or any other sensitive information.

7.         Be cautious of attachments: Malicious attachments can contain malware or viruses that can infect your computer or network. Be wary of attachments from unknown senders, and always scan attachments with anti-virus software before opening them. If your company is not using advanced email security, talk to your provider.  Attachments should be opened within a sandboxed cloud environment automatically before they are delivered to your account.

8.         Avoid using public computers: Public computers can be compromised with keyloggers or other malicious software that can record your keystrokes and steal your login credentials. Avoid accessing your email from public computers or other unsecured devices. While this is not as common as a practice as it once was, if you do not travel with a laptop, and use a hotel business center instead, make sure that your account is protected by 2FA, and update your password after logging off. 

Cyber attacks typically begin when a malicious actor gains access to an improperly secured email, or when the victim falls prey to a phishing attack.  If you believe that your email account has been accessed, immediately contact your IT provider.  HubWise Technology is an expert in email security and can help your company ensure that best practices are being followed.