24 Aug Email Security: How Compromises Cost My Business
Despite nearly all companies relying on email to run their business, many are still getting email security wrong. Email is where hackers try to trick employees to gain network access, where spammers spread their junk email, and where many employees store sensitive personal and financial information. That’s why it’s important to remember not to promote email convenience at the expense of email security or you may pay a steep price.
Underlining the Importance of Email Security
Many companies have suffered greatly after failing to secure their email systems. Many email scammers want to collect financial information, such as with the W-2 tax fraud scam. Companies ranging all the way from small businesses to corporate powerhouses like Macy’s have been hit with this email phishing strategy.
Other hackers are just out to cause trouble by leaking sensitive data, which is what happened to Snapchat after an email attack allowed attackers to leak payroll data across the open Web.
Perhaps the most famous recent email hack example is the Sony hack, which resulted in a mass leak of insider emails. The hack not only embarrassed Sony Pictures, but ultimately led a co-chairman at Sony to resign shortly after the emails were dumped.
Small Businesses Are a Major Target of Email Attacks
Due to their lack of security and investment in the right prevention software, small businesses are increasingly bearing the brunt of email hacks. Symantec found that nearly half of all hack attacks were directed at small businesses, and that a majority of these attacks were email and phishing attacks.
Phishing attack emails are designed to trick your employees into downloading a malicious attachment that contains a virus or click on a link that directs them to a website that contains malware or viruses. Many of these attacks also lead to ransomware infections.
Hackers can leverage just one hacked business email account to infect other users across your network or target other companies that you do business with.
Strategies to Protect Your Email System
With the proper small-business IT support from the right managed service provider like Dobson Technologies, you can implement the following five strategies to protect your email system from the major threats out there with the right IT solutions.
1. Antivirus and Malware Scanning Capabilities
Even with proper employee training on email security, you still need safeguards, such as built-in antivirus and malware scanning capabilities that are always kept up-to-date with the latest patches.
Your email system should be able to detect viruses and other malicious software before your employees download an attachment from an email. Every time an employee clicks on a link, your software should scan the website to see if it’s safe before allowing your employee to proceed.
2. Encrypt Email
Not every email requires encryption, but if you’re sending sensitive information, you need to have this option. In fact, certain federal laws require encryption for key information, such as medical records of tax forms.
3. Use Monitoring Software
It’s also your right as an employer to implement monitoring software that tracks employee activity on your network, which includes emails.
If one of your employees is sending work-related documents to a personal email account, you should be aware of it. Not only does it cause security concerns, but your employee could also take sensitive internal information to a competitor or simply sell it.
4. Keep Your Wi-Fi Secure
If you use enterprise Wi-Fi, it’s important to secure your wireless network. Hackers can snoop on emails and other vital network data if you don’t encrypt communication in transit.
5. Block Spam Across Your Network
The right email system will block the vast majority of spam, which can distract employees and place burdens on server storage.
Importance of Policy and Training
You also need to ensure that employees are properly trained, and that the right policies and smart strategies are in place.
Poor password discipline still remains a problem. Your employees should have a unique work email password that they don’t use for other accounts. The password should be complex, featuring numbers and symbols, and changed regularly.
A recent hack involving 272 million stolen email credentials is a good example of why passwords should be different between accounts. Otherwise, hackers can use the same login and password combinations to access accounts on other websites.
Change Employee Behavior
All employees should have basic training related to proper use of work emails. Ensure employees are only opening documents from trusted sources and avoid following suspect links.
Your work account email accounts are often full of rich data, including company credit cards, banking information, and login information for other Web services. That’s why you should advise employees to avoid sending email with sensitive information whenever possible.
Private Email and Business Email Don’t Mix
Regardless of your political affiliation, the email scandal surrounding former Secretary of State Hillary Clinton provides a few lessons you can learn from.
Clinton’s use of a private email server underlines a problem many employers face, which is employees using their private email accounts for business. These accounts are not only often more insecure, but also contain important information that you don’t want outside your network. Ensure your company implements clear policies about discussing work-related business on personal accounts and limit the use of personal email accounts on company time.
Dobson Technologies provides managed IT support in Oklahoma City for companies that want email security that works. Schedule a meeting with Dobson to discuss your technology needs today.