The biggest difference between your email inbox and the one at the end of your driveway or the company mail room is the walk, and sending a message is free over email. Mail can be stolen too, regardless of if it’s in a physical box or your inbox and, in both cases junk mail can be very bothersome. In the case of email though, malicious emails happen often enough to be worrisome. One wrong click and now you’re exposed to hackers that will use it to bypass network protection and initiate a cyber attack on your company. Don’t panic! There are simple ways that you can make it much more difficult for criminals to steal your data.
Better Password Management
Creating a strong password is essential for the security of anything that needs a login, but perhaps moreso for your email. When your password is easy to guess—such as a birthday, favorite pet or family initials—and your email can be hacked. Through that hackers can reset the password for multiple different accounts across the web, or open new ones in your name, and ensure that you’re locked out. Some email providers today actively work to prevent this by not allowing users to create passwords that are similar to their email or personal information and require special characters, upper and lower case, as well as a symbol. Though quite irritating for most of us, it is essential for the security of an email account regardless of if it’s a personal account or corporate one.
Those that cannot remember ‘$27D@e99&$Ke’ as easily as their cat’s full name may find using a password management service helpful. Many companies use services such as LastPass to keep their passwords and logins secure and unique enough to deter hackers. For these password managers employees need to remember just one password and though it doesn’t have to be like the one above, it nevertheless needs to be very unique otherwise it too can be hacked and that library of passwords will be accessible.
Adjusting Email Settings
Though this may seem obvious, modifying your email settings can really make a difference in the safety of your inbox. A firewall service may keep more obvious threats out but by exploring the tools that your email provider has available you can eliminate phishing emails designed to get into your email. For instance, you can create a rule for your inbox that will automatically move emails with ‘Unsubscribe’ or similar wording into a special folder or your trashcan with little fear of losing important emails. You can elect to add exceptions to this as needed, such as “RE:” or other phrases from trusted sources or newsletters that you’ve signed up for.
Pay Attention to the Details
Sometimes you can do everything right and your inbox can still be infiltrated. Though the best way to protect your email is through prevention, it’s important to be proactive in making sure that it remains safe. Look for changes in email traffic, such as regular banking updates or stock updates. When those disappear, it could indicate that your email has been hacked or worse yet, those institutions. By looking at the recent activity for your email account you can also see the IP addresses that has been accessing your email. Look for an IP address, or location, that doesn’t fit with the rest of your activity.
In addition to paying attention to recent activity with your account, you should also look at the information in your account. Is the phone number correct? Are your security answers what you originally put or are they different? Though these differences may seem small, it’s an indication that your email protection isn’t strong enough and you’ve been hacked. In cases where you have been hacked, it’s best to reconsider your security questions as many times the answers are easily obtained via social media and, of course, be sure that you don’t share your account information with anyone.
There are many things you can do to help keep your company’s private email private, but the best way to do it is encryption. End-to-end encryption, which IT services often provide, means that before an email ever leaves one machine, it is encrypted so that even if a hacker manages to get access to it in transit, it’s useless without the encryption key. Companies and individuals—popular apps like WhatsApp make encryption very realistic for private citizens—that use this level of security are on one side of a controversy between tech security and government agencies as many government agencies feel this level of encryption enables those with malicious intent to better plan and organize.
Email providers are getting on board with this level of security and offer it to their customers. ProtonMail, for example, uses this level of encryption for email protection; however, it’s only effective when both accounts belong to ProtonMail. Though some customers may be put off by having to create two passwords when they create their ProtonMail account (one is the account password while the other is for the encryption keys), it provides an added layer of security that other providers don’t.
Encryption also involves using HTTPS over HTTP, which is rapidly becoming outdated. The added S stands for secure, which is simply another way of saying encrypted. Websites that provide HTTPS have several tests that they must pass that prove that the information sent to and from those sites is actually secure. For general information on a website, such as a blog, the data is not encrypted as there’s really no way to provide encryption at that point. But, for websites that deal in e-commerce or social media, for example, it is essential that when a user logs in their information is kept secure. This is where encryption plays a role. Ensuring that your company uses HTTPS will prevent intrusions that can be detrimental to your company, and your inbox.
Protecting your company’s email servers is an important part of network security and one of the best ways to do that, first, is common sense practices such as not sharing your account information, not using easy to guess passwords or creating security questions that are very easy. Ensuring that your company uses encryption services whenever possible also keeps your email, and thus your company, much more secure. Educating employees on common sense email practices, and using IT services to implement encryption, are some simple tactics that can go a long way towards keeping your inbox private.