“I live in my inbox.” We’ve heard it repeated time and time again. Your email inbox is probably the first and last thing you check daily while at work: not just to catch up on the latest industry news, but lots of business happens in your inbox, making it a prime target for hackers and scammers.
Here are some statistics:
- Recent research states that more than 3.4 billion phishing emails were sent in 2020.
- Almost 20% of all employees clicked on phishing email links; of those, a staggering 67.5% entered their credentials on a phishing website.
- Resulting in over $1.7 billion in losses in 2020.
Fortunately, there are many ways to secure your email:
1. Use Strong Passphrases
The first step to secure your email is to use strong, unique passwords with a combination of upper and lower-case letters, numbers, and special characters. Although best practices change regularly, NIST currently recommends that these passwords should contain at least 12 characters, turning them more into passphrases.
For some ideas on coming up with a passphrase, here is an example:
“Tiger123” – This password is short and easy to remember. However, it is important to realize that this password is easy to figure out or guess.
“T1g3rudhxn!vo?LSU” – This password is much more complex but, unfortunately, much harder to remember.
“Aren’t tigers awesome and number 1 in the nation?”
This passphrase is long, complex, harder to crack, and easier to remember than the previous example.
2. Enable Two-Factor Authentication
Two-factor authentication is another great way to secure your email account. It adds an extra step in the authentication process by requesting a code sent to an alternative phone number or email address before the login is successful. This code is your second security layer and dramatically reduces the likelihood of someone breaking into your account.
3. Use Encryption
Encrypting your emails adds a different layer of security that is difficult to crack. Encrypting an email is not complicated, but it requires you to be conscious about how you send and receive emails. While it’s not something you need to do all the time, encrypting your emails is a good idea if you’re sending messages that contain sensitive or protected personal information.
There are two ways to encrypt your emails: by using an email service provider that encrypts the messages at either end of the conversation or by using specialized encryption software.
The first option is more common and usually more reliable, but it can be expensive for people who send large amounts of email. The second option is free but requires more work on the user’s part. Your IT support partner (or us) can show you which option(s) are most appropriate for your business.
4. Implement Security Policies & Training.
Components such as encryption, password management, and 2FA will only do good if everyone using email in your organization understands their importance and what exactly constitutes secure email behavior.
These guidelines should be more than a few rules in your employee handbook. To properly promote security awareness, ongoing training and reminders are needed.
Hint:
Designate a member of your organization that’s not you, but who’s good at follow-up and follow-through, to be responsible for data security and let him/her help implement and enforce these best practices. NY State requires you to (NY Shield Act)
While there are plenty of other components you can use to protect your email, these 4 are non-negotiable. If you need help figuring out where to start, Meeting Tree Computer is here to help.