From downtime and business disruption to the loss of confidential information and reputable damages, the consequences of email security violations can be disastrous. And more businesses are at risk than you can see: a 2018 report from cybersecurity leader Varonis showed that 58% of companies have more than 100,000 folders open to everyone, and 41% have more than 1,000 sensitive files open to everyone.
Fortunately, there are a few simple ways that businesses can use to enhance their email security game:
- Invest in antivirus software. That may be a little obvious, but it is still worth adding to the list. Antivirus software can significantly reduce the threat of email breaches for the security of your business. Antivirus software alone is not enough to completely protect you, however, which is why it is important to use other good practices, too. If you need help choosing the right software, Consumer Reports has a strict purchase guide.
- Use a secure email portal. A secure email gateway – sometimes called an email security gateway – is designed to prevent the delivery of emails that violate company policy, send malware or transmit information for malicious purposes. You can filter out incoming and outgoing email traffic by using a secure email portal within your organization and flag messages with suspicious attachments. A secure email gateway works best when accompanied by automatic email encryption, identifying outgoing messages containing potentially sensitive or private information and encrypting it so that, if caught, hackers can access their content.
- Invest in a secure archive solution. While creating a paper trail is important for both legal and legal reasons, many businesses have some form of the existing system that automatically stores archived email records. But what if that archive is not protected? What you need is a single criminal with the right information to access millions of bytes of sensitive data and put your company at risk. When purchasing email archive solutions, look for one that uses encryption, user authentication, region-based permissions, and more to create a different security model.
- Create strong passwords and invest in multiple authentications. Email security only works if everyone within your organization takes you seriously, so make sure employees use strong passwords. That means no “123456,” “password” or any of these common passwords are painful – even if it means establishing a comprehensive company password policy. For added security, use multi-item authentication, which requires users to provide two or more pieces of authentication when entering their login credentials.
- Note all email attachments. Email attachments make it easy for hackers to transmit malware/viruses and infect your computer. For this reason, it is important to carefully examine all attachments before opening, even if they appear to be from a reliable source. (Remember, an attack on identity theft can be very convincing!) Another easy way to find out if email attachments are safe is to check the file extension – JPG / JPEG, GIF, TIF / TIFF, WAV, MP3, and MPG / MPEG are considered highly safe. Files with XLS, TXT, or DOC extensions are less likely to be secure, so be sure to check the sender before opening. Files with double extensions or EXE extensions should be avoided as a rule of thumb.
Whether you use a small non-profit company or a business-class company, email security should be a priority for all organizations. We hope that this article has helped you learn more about the different types of threats businesses face and has taught you a few tips on how to prevent them.
