An inordinate amount of data passes through business email addresses every day. However, the more companies send valuable data through email channels, the more likely it is to cause security risks.
With phishing emails being the most common method used by criminals, knowing the risks emails pose can make all the difference. Here, we discuss the tips and advice employers can give to keep their email structure safe.
The unknown effects of ‘spam’
It’s estimated 45 percent percent of all emails sent globally are spam and when lots of them build-up, it can cause serious problems.
Not only do spam emails carry the threat of infecting devices with malware, but an attack of spam emails can cause networks or servers to crash, costing businesses time and money to fix.
Too much spam tends to make staff ‘delete trigger happy’, causing actual legitimate emails to be deleted in the rush to clear inboxes.
Limit spam emails by applying filters that redirect suspicious emails to a separate folder that can be easily emptied or deleted. This can typically be done in your email provider interface, but separate software can be used to prevent them too.
As irritating as it can be continuously receiving emails from unknown sources, don’t reply to spammers or ask them to unsubscribe. This only shows the address is active and encourages further phishing.
Training for the whole company
When it comes to company awareness, the gap between people’s perceptions of their security knowledge and actual practice has been widening.
For example; in a study by Friedrich-Alexander University 78 percent of participants claimed they knew the risks and how to identify a phishing email; 45 percent of them clicked infected links anyway.
When it comes to instilling a company-wide culture of email safety, it needs to come from the top down. It’s up to managers, directors and supervisors to proactively develop an email ‘safety-first’’ mindset in a team to encourage employee buy-in.
Having proper education and training around the risks, with the whole company attending is also key. Training sessions can be done by external companies, in-house or even at seminars. It not only helps employees become more tech-savvy but allows them to see the bigger picture and how what might seem like an individual risk, could spread to company-wide issue if not managed properly.
Email signature best practice
Ensuring your business adopts branded email signatures not only increases awareness, but they also highlight you are a trustworthy company because due to the use of recognized brand colors, logos and links to the official company website.
The dangers of taking a relaxed attitude to email signatures were evident in a recent news story, which revealed how an email was deemed as a legally binding contract because it included an automated signature.
Check everyone is using a consistent email signature block you know will be applied to all internal and external emails. This gives businesses peace-of-mind and complete awareness of what is being appended to all corporate emails.
Having an email signature management solutions service in place means everyone has the same high-quality signature when sent from any device, even mobiles, and Macs. It also ensures your signature details are always up-to-date and the correct email disclaimers are in place.
Evaluating BYOD
There was a 74 percent recorded jump in people working from home over the last decade and bring your own device (BYOD) policies are helping employees achieve more flexibility in the workplace.
However, it’s difficult to police an individual’s digital device habits, with a recent study showing 75 percent of employees open company files on personal devices, which are almost always unprotected.
To combat this, organize simple training sessions where you can teach the significance of protecting their property. This should contain information on VPNs to obscure IP addresses, choosing strong passwords and using email archiving solutions when accessing data remotely.
All devices used for work should have the latest anti-virus and firewall software installed, plus the latest OS and patch updates. For those using a personal device when working remotely, offer to provide with these extra layers of security at the cost of the company to encourage compliance.
For example; businesses could install Mobile Device Management software as part of their BYOD policy. MDM software provides a single platform where all mobile devices in use can be monitored and managed.
Control is further enhanced by making certain OS functions inaccessible, which prevents employees from adapting settings or installing unapproved apps. If necessary, external websites can be blocked and whitelisted too.
About the author: Daniel Richardson, is CTO at Exclaimer. He is an accomplished senior executive and board-level technologist, performing the role of Chief Technology Officer and Chief Information Officer. As a Prince2 and ITIL Certified Practitioner, Certified Scrum Master and Lean 6-Sigma Greenbelt, I have extensive experience in building enabling technologies for both small and enterprise-level businesses, meeting strategic objectives and driving growth. I firmly believe in delivering business value via the use of innovative, forward-looking technologies.”
