Best Practices: Protect your business from email attacks

Email is becoming a more popular avenue for attacks on individuals and businesses. It’s vital to take measures to protect your email account(s) against common attacks, as well as attempts at unauthorised access to your account(s).

Safety measures include setting up a strong firewall, ensuring your antivirus is up to date and that the most recent security patches have been installed.

Protecting your business

There are multiple ways to secure email accounts, and for businesses, it’s a two-pronged approach including employee education and comprehensive security protocols. Best practices for businesses include:

• Engage employees in ongoing security education around email security risks and how to avoid falling victim to phishing attacks over email.
• Require employees to use strong passwords (such as passphrases) and mandate password changes periodically.
• Utilise email encryption to protect both email content and attachments.
• Implement security best practices for BYOD if your company allows employees to access corporate email on personal devices.
• Ensure that webmail applications are able to secure logins and use encryption.
• Implement scanners and other tools to scan messages and block emails containing malware or other malicious files before they reach your end users.
• Implement a data protection solution to identify sensitive data and prevent it from being lost via email.

Arming yourself with the know-how to avoid risky behaviours can make a substantial impact on your employer’s ability to reduce the risk to their business associated with email. Best practices for individuals/employees include:

• Never open attachments or click on links in email messages from unknown senders.
• Change passwords often and use best practices for creating strong passwords.
• Never share passwords with anyone, including co-workers.
• Try to send as little sensitive information as possible via email, and send sensitive information only to recipients who require it.
• Use spam filters and anti-virus software.
• When working remotely or on a personal device, use VPN software to access corporate email.
• Avoid accessing company email from public Wi-Fi connections.

If you have any questions about protecting yourself or your business from email attacks, give Focus a call and we can ensure you have the correct systems in place to protect your company.