How to Protect Company Email From Attacks
Email is one of the most common ways attackers use to infiltrate an organization’s systems and gain access to sensitive data. Email is built into smart phones, tablets, gaming devices and desktop computers … yet not designed to protect privacy or security.
Without protections in place, “email is a postcard, not a sealed letter,” cautions Jacob Ginsberg, senior director of products for Echoworx. He says people often don’t understand the permanence of data and how it can exist on servers long after they’ve forgotten about it.
“Email is one of the most common ways hackers infiltrate a company’s system,” says Sam Elsharif, vice president of software development at Echoworx. “They often use phishing scams, sending out emails that appear to come from a legitimate source that ask recipients to click on a link that directs them to provide credit card or password information.”
— Bob Carver (@cybersecboardrm) May 31, 2017
How can you protect your email communications?
Ginsberg says encryption is a logical solution and provides effective protection. Even small and medium size businesses should consider encryption, especially if they deal with data such as intellectual property and customer credit card information.
“There are old holdover misconceptions about encryption – it must be difficult to use, only IT experts can understand it, it slow things down – but those are no longer valid,” says Ginsberg. “The tools are simple to use and I strongly encourage encryption.”
Ginsberg says with encryption only users and intended recipients can see the data. For added security – and a tool that addresses phishing – users might want to add a digital signature (a coded message associated with a specific person).
Educating staff about email use is critical.
Hold regular training to make employees aware of the rules and practices surrounding email, suggests Elsharif. Do your due diligence: research threats and solutions, and review how your organization stores data, how you email data and how you deal with credit card information. Ensure your company is complying with current regulations.
Elsharif says to consult more than one vendor, depending on your needs. “Everyone needs firewalls and anti-virus software. Do you allow employees to access your network from the outside? You may have to look at a VPN (Virtual Private Network). Don’t be afraid to check with multiple providers. No one company can do it all.”
Technology can be effective in mitigating email threats, but don’t rely solely on it.
“Nothing beats human common sense,” Elsharif says. “As a user, try to follow best practices and don’t be sloppy when dealing with your data.”
Seeing is Believing
See for yourself how our latest encryption technology is easy to install, highly customizable and, most essential, simple for anyone to use.
By Greg Aligiannis, Senior Director Security, Echoworx