The year 2020 has seen a massive rise in the number of individuals and organisations converting their business models to be more suitable for online platforms. This enormous conversion arose as a result of the global pandemic that forced everyone indoors. With the increased dependency on online platforms, it has become essential to educate yourself regarding the threats that you face online and in turn, ways to prevent them.
With the rise in online engagement, email has become the go-to mode of communication for almost everyone. Important messages, confirmations and documents are shared within an organisation and with external sources with the help of emails. A considerable number of people have important credentials linked to their email accounts as well.
Cybercriminals are taking advantage of the commotion created by the coronavirus,resulting in a spike in the number of cyberattacks in recent times. Not surprisingly, 90 % of the threats seem to have started with an email – according to the 2020 Verizon DBIR. As malicious attacks such as Malware, Phishing, Impersonation, Spam- type messages and Ransomware, carry high risks, it is necessary to prevent such occurrences.
Let us look at some tips to improve email security for your business:
- Ensuring that the password is strong:
In many companies, employees tend to have similar or the same passwords for their company email ids. In case one of the employee’s account is compromised, it will lead to a huge security issue. Hackers usually use password-guessing software to obtain passwords, depending on the complexity of the password it gets harder and longer to crack. If you have a strong password, it can take even up to a few years for the software to interpret it.
Use the following steps to ensure you have a strong password
- Use a combination of uppercase and lowercase letters
- Never use your name, birthday, school name, name of a company or any such generic details in your password.
- Use numbers and special characters.
- Create random combinations of letters and numbers than a word.
- Avoid common letter-number substitutions.
As systems are becoming more developed, hackers are developing ways to crack your security efforts, implementing a strong enterprise password management plan will be a good start in keeping your information secure.
- Do not use company email for non-official purposes.
Organising security awareness training in the company and informing the employees regarding the potential online threats to the company’s safety is an important measure that needs to be taken.
Everyone, including the employees and the company heads, has to avoid using company email for any personal use, be it for online shopping, private messaging or do anything that is not pertaining to work. Using the company email for receiving and sending messages regarding work alone will decrease the chances of it being targeted by hackers.
- Use two tire authentication.
Taking an extra step towards securing your email will only help reduce threats. A two-tyre verification process usually requires the user to enter a code in addition to the password to access their account. Now, if the hacker has obtained the password, he will not be able to access your messages without the code, which is usually sent to your phone. Having the code sent to your phone is much safer than having it sent to your pc, as it might be again accessible to the hacker.
- Beware of phishing emails
Phishing is a concept in which hackers use links sent via email to direct you to sites of pages which you find familiar and in turn trick you into providing confidential details. The link can lead to a page that looks like your bank login page, or a social network login page or any site that you might use. Here you will be providing sensitive information like your email and password in order to log into your account. The phishing site steals this information, and the hacker then has access to this information. It is becoming difficult to distinguish between a fake phishing website from the original as hackers are developing more effective methods of obtaining information.
- Use antivirus and antimalware email security software.
Sometimes emails require you to download attachments; if you download them from sources that are not familiar with, these attachments can contain phishing links or malware that can be very harmful. If you have an antivirus or antimalware software installed, it can help you scan the attachments for threats. Most such software not only scans attachments but scans emails as they come into your inbox and warn you about possible risks. You can then quarantine these emails before they cause any significant harm to your system.
- Update your spam filters according to recent threats
It is recommended to use advanced spam filters so that only relevant messages reach your inbox. Nowadays, most cloud-based email services provide good spam filters. The spam filtering enables you to block out messages containing specific keywords if you are aware of recent phishing scams you can prevent your employees from opening such emails by blocking out the keywords present in such emails.
- Avoid using public networks
Public networks are easily accessible by hackers who can then monitor the data that is being transmitted through them. If anyone accesses their email using public wifis, hackers can access information and target them for further focused attacks. It is advised to use mobile networks while accessing your email account outside the office.
It is also recommended that employees avoid connecting their personal mobile phones to the companies wifi and use mobile data for that purpose as well. This further reduces the chances of hackers obtaining access to the companies network.
- Do not press the unsubscribe button on spam messages
People tend to press the unsubscribe button provided in spam emails hoping to stop receiving emails from a specific sender; this can be dangerous. Hackers provide the unsubscribe button in the mail hoping to fool people into clicking it. It would probably lead them to a phishing site. Which then steals information from you or opens a backdoor for the hacker to access your system. In order to avoid this, the best thing to do is to mark the message as spam and delete it.
Even though some individuals may argue that internet privacy is not something they require, privacy comes as a side benefit of internet security.
In today’s system where online advertising is the primary mode of income for huge platforms like Google or Facebook, the need to attain customer information for improving targeted adverts compromises the privacy of the people using these platforms. The upcoming generations have to face the fact that the information that they have given online will outlive them. To ensure the privacy of the information you provide in emails, you can consider using secure email providers to send encrypted emails. This assures that your information can not be accessed by anyone other than the receiver and the sender.
Today, because people are becoming more dependent on online platforms, cybercriminals are finding more effective ways of misleading people. It is our responsibility to keep our selves up to date with the new emerging threats and maintain security by educating ourselves about the available preventive measures and implementing them.
Practising the points as mentioned earlier and ensuring that your employees do the same can be the first step towards ensuring your companies safety.