Email security can be tricky. Occasionally clients will come to us with questions about how best to use their email system, and how to prevent security breaches. We’ve gathered some of our best email security tips below, and we hope it helps you keep your business running smoothly.
Once you have your email system ironed out and you’re ready to start building your business with email, let us know.
1. Stop Spam & Phishing Emails In Their Tracks
The best way to stop spam and phishing emails is to educate yourself and your employees on what to look for.
Phishing and spam techniques relies on getting you to trust the sender. Usually they do this by using an email domain – the @examplecompany.com portion of the email address – which looks like a reputable company. Common examples might be: @amazon-z.com, @amazon.net, @ama-zon.com, firstname.lastname@example.org, email@example.com etc.
They’ll usually ask you to click on a link because they need to verify information on your account. The link usually takes you to a website which is a good copy of the company you’re expecting; similar color schemes, fonts, buttons and logos. Once you’re there, they expect you to put in your user name, password and/or account or social security number.
Your best bet is to notice these email address discrepancies and don’t click on anything in the email. Once you’ve arrived at their site, they may have already downloaded malware which can further compromise your system without you having to take a single action.
Instead, train your email filter to notice these things. Select the checkbox next to the message and choose whatever option your email provider gives you to identify the message as spam. In Gmail, this would be the “Report Spam” button. This helps your email provider realize the domain is a spam sender, and it will attempt to stop those in the future.
2. Check for Confidential Content
You might be the most careful person in the world, but are your employees? Make sure you have clear expectations in place about what can be transferred via email and what can’t.
Social security numbers, account information, banking information, usernames and passwords should never be sent via email. Also make sure your employees know that you and the companies or financial institutions you work with will never ask for this information via email, or via a phone number given to them via email. Always call an institution directly to a trusted number you’ve used in the past.
3. Create An Email Security Policy
Your employees might not know how best to handle a spam email, or not to send out certain confidential emails. That’s why you want to make sure you have a detailed email security policy in place. There are many sample policies out there you can go through and customize to your own needs, like this one from Tech Donut.
4. Block Certain Senders
Sometimes, your employee might try to send an email to a bunch of recipients at once with the To:, Cc: or Bcc: field. These types of emails can expose your clients to each other, which is something they may not want.
It can also accidentally expose confidential information, such as names, email addresses and other information to a wider audience, and can be constituted as spam in certain cases. Since you don’t want to cause spam yourself, you can request that your the company which controls your email server block anyone at your company from sending emails with more than 15 recipients or something similar.
As well, you can block senders coming into your system. Emails with attachments larger than 10MB can slow down your entire network, or not be delivered at all. Set a policy at your server level to block incoming and outgoing emails with attachments larger than 10MB, and to notify the sender and provide an alternate method of sending the file, such as Dropbox or Google Drive.
5. Archive Emails
Make sure that you keep a backup of your emails so if a disaster should occur you can still revert to your backup. Check if your server provides a backup, and if so how often. You can also create a backup yourself using an external hard drive and a backup schedule if you feel it’s necessary.
Hopefully these tips have helped you secure your business emails. When you’re confident enough to start advertising your business through email, contact us!