Most businesses today rely heavily on email communication. Unfortunately, the number one way hackers get into your company is through employee email, and every day the number of new viruses and malware is increasing. To avoid falling victim to these cyberattacks, follow these suggestions below!
1) Deploy anti-spam/anti-virus protection.
Deploying anti-spam and anti-virus software that stops malware or spam from arriving in your inbox is the first step. If you've moved to a cloud service such as Microsoft Office 365, you can take advantage of their anti-spam and anti-virus features. Be sure to check which version you have, as there are different features and options.
Whatever email service you use, keep in mind that while Google and Microsoft are great at what they do, they are not specifically geared to being experts at anti-spam software. We recommend layering on extra protection from a third party provider such as Mimecast, Symantec or others.
Check with your IT department to see what you have in place today, and/or speak with a reputable IT consultant to ensure you have what you need to stay as secure as you can.
2) Watch for those software updates.
One of the easiest ways to protect your emails, but often ignored, is to ensure you install the latest patches and updates. You can choose to let your email vendor provide you with the updates, or take advantage of an IT service provider to maintain your entire system for you.
It's also equally as important to protect your hardware (computers and servers) in the case that a virus does get through. The best way to do this is with a recurring service that automatically upgrades and patches all of your equipment across your netowrk to ensure you always have the latest versions. Manual updates are fine, as long as "someone" remembers to keep on top of it!
3) Educate your staff- continually.
Despite the best protection, it's almost impossible to keep all malware out. Hackers are getting extremely clever, and although security vendors attempt to keep up its become a huge challenge. Employees should never open email from any unknown sender or source, and NEVER click on a link that looks remotely suspcious - even if it comes from someone they know.
Here's a quick list of additional tips that you can share with the office:
- Never leave unlocked computers unattended. It should be company policy for employees to leave their computers in a password-protected state whenever leaving their desks.
- Never trust links or attachments from unknown sources.
- Disregard and delete emails that request password changes or personal information, no matter how official they may appear.
- Install all updates for anti-virus and anti-spy software.
- Encrypt all emails containing sensitive data.
- Never use company email for personal messages.
- Delete or archive all emails 60-90 days from sending/receiving.
4) Consider email encyrption.
Email encryption is a must for any industry who must remain PHI or PII compliant, and in fact is becoming important for any company that manages private data. With one click, you can encrypt your email message before it leaves your inbox, and the authorized recipient - with the correct password - can open it. Other services can automatically recognize and encrypt information recognized as sensitive, such as social security numbers, credit card numbers and more.
Security is complex, and it's difficult to present the entire picture without becoming overwhelming. Be sure to contact us with any questions or concerns!