Breakfast was once the first meal of the day. Now, more people feast their eyes on their inbox before digging into their eggs.
The Email Age
An Adobe study showed that people spend an average of 5 hours a day checking emails. It makes sense, given our digital age’s demands for lightning-speed responsiveness.
But almost every positive trend—in this case, email communication getting faster and easier—comes with a threat.
Your inbox is vulnerable to a growing array of threats that even businesses with the most advanced cybersecurity have trouble keeping up with. How do you start boosting your protection from the inside?
Let’s dive right in.
1. Choose a secure email client
Generally speaking, you’re safe with Outlook and Gmail. They have the resources to stay updated with the latest security features—think SecureScore for Office 365, which continuously checks your security compliance against the latest best practices in security.
2. Use multi-factor authentication
Nowadays, this is a base requirement for any online account you use. Multi-factor authentication (MFA) adds an extra step to the login process, asking you to verify your login attempt with a private code sent to your phone or email inbox.
But verification codes in your SMS aren’t safe anymore. Now, there are mobile authenticator apps—like Microsoft Authenticator—that add an extra layer of security to MFA.
3. Beware of phishing
Phishers have become so stealthy that they can imitate even the wisest email users. These scam experts can be disguised as your manager, a product vendor, or even someone from a high-profile company like Google, Apple or Facebook.
Phishing scams (sometimes called spoofing) often pose as requests for assistance, usually asking for login information or money.
A general rule of thumb—even when you’re talking to a real colleague—is to never send confidential information over email. Especially not bank account info and login passwords.
Phishers can also spread malware (malicious software) through infected attachments or links, lead to denial-of-service attacks or bypass network access controls. That’s bad news for your whole business.
4. Don’t open unsolicited attachments
No matter how shiny and exclusive the offer looks, don’t click on it if you weren’t expecting it. Like we said, phishers are very good tricksters.
Don’t just look out for strange and dangerous requests for information. If a colleague sends you an unexpected attachment, be very, very cautious and think before opening it. If something feels wrong, email them in a separate thread to make sure it’s really them.
5. Know the risks of public Wi-Fi
Simply put, it’s not safe. Public wi-fi can be as public as a café. Unwanted ears eavesdrop on your conversations if you’re not careful.
A 2018 report showed that 82% of workers used their professional emails outside working hours. That’s a lot of time in unsecured environments.
You don’t have to avoid public wi-fi entirely—just be wary about opening your email on networks that aren’t labelled secure and are visible to people outside your company. For extra precaution:
- Use a VPN
- Never connect automatically
- Turn off AirDrop or other file sharing services
- Keep your anti-virus software updated
6. Update your security patches regularly
The security downfall of many organizations is failing to update security patches. It’s an easy practice to forget if it’s unscheduled. We suggest this guide to building your security update calendar:
- Third-party apps (e.g. Google Chrome, iTunes, Java, etc.)
- Internet of Things (IoT) devices — i.e., anything connected to the web, from smartphones to surveillance systems and thermostats
- Windows Operating Systems
- Apple Operating Systems
- BIOS and other firmware
You can’t make your inbox safe by securing your email platform alone. These updates to your IT as a whole will go a long way in ensuring email security.
7. Train your staff on email security
This is all great to know, but how can you ensure your company’s IT stays secure if you’re the only person educated? Security training is arguably as important as any other staff training.
Schedule monthly or bi-weekly sessions/lunch & learns to get your employees brushed up on best security practices.
8. TALK TO A MANAGED IT SERVICE PROVIDER
The people best equipped to help you with anything surrounding security are those who do it for a living. A list of security tips is great to have, but implementation is easier said than done.
Don’t take your safety for granted. Avoid breaches and security risks before they do the damage. Let us know about your business and what you do and what your security looks like—we’re curious!