Email is the main communication superhighway for most offices, and it’s also the most popular way in for hackers sending phishing emails containing malicious links and attachments.
One wrong click on an email can cost you big time. The average cost of a data breach for small businesses is as much as $117,000. And don’t think just because your business isn’t a large corporation that hackers won’t bother with it. Actually, hackers target small businesses more because their security measures tend to be easier to get past.
But enterprise security measures can be implemented affordably by small and mid-sized businesses. At Connect2Geek, we help our clients in Nampa and the Treasure Valley area stop hackers, viruses, and malware in their tracks. Email security is one of the key focuses of our Managed Security Services.
Phishing Emails Have Become More Sophisticated
Strong email security measures and a multi-layered approach are needed to match the sophistication of today’s fake phishing emails.
It used to be fairly easy to see a scammer email coming a mile away because they’d contain misspelled words, blurry graphics, and names of companies you’ve never heard of before.
And while those “easier to spot” emails are still going strong, the best cybercriminals have upped their game, making fakes much more difficult to tell from the real emails.
In this example below, this phishing email looks just like a real Amazon email. They will also often use your name and company to give it more credibility in the recipient’s eyes. A worried employee thinking they might have accidentally ordered something on the company card, might click fast before thinking to try to cancel the order.
Tips to Significantly Increase the Security of Your Staff’s Email
Our Connect2Geek Emergency Virus Extraction Team is often called out after a malicious threat has infiltrated a device or network, and a majority of the time, the email inbox was the open door it slipped through. While you can’t keep scammers from sending emails that look identical to real one to your inboxes, you can employ safeguards to stop phishing in its tracks.
60% of companies found that security awareness training increased their staff’s ability to detect phishing and similar scams. (Proofpoint)
Here are ways to make your inboxes as protected as Fort Knox!
Train Employees, and Do it Regularly
Just telling your staff not to click or showing them an email security infographic once, isn’t going to significantly increase their ability to spot phishing fakes over time. Thorough training, using real world examples (like the photo above) and ongoing sessions to keep their knowledge fresh, are the best ways to increase the “human factor” of your email security. And at Connect2Geek, we find it’s the most important one.
Use a Security Application that Includes Email Protection
Not all anti-virus or malware applications will include special email protections. When we’re working with Boise and Nampa businesses on cybersecurity, we recommend Cisco Umbrella and Cisco Email security. This is a cloud security platform that provides excellent defense against multiple threats, including those trying to get in by email, and helps your staff by identifying and stopping them.
Some of its features include:
- Advanced phishing protection
- Stops hackers from using your domain name to send phishing to others
- Enhances email security for Office 365
Institute Credential Security Measures
Your email and password combination, aka your credentials, is one thing hackers treat like gold. If they can get your credentials, they can send out spam as if it was coming from your company (and you!), and potentially get into more applications on your network that use the same login.
According to the Proofpoint 2019 report on phishing cited above, credential compromise has increased 280% from 2016 to 2018.
Ways to protect your credentials include:
- Never logging into your email while on public Wi-Fi
- Using a strong password that has a combination of letters, numbers, and symbols
- Using a password at least 7 characters or more in length
- Never writing down your email login and tapping it to your device
- Using a unique password for all your different logins (password managers are helpful for this!)
Use Mobile Device Management
It’s easy to forget mobile devices when planning a complete IT and email security plan, but they’re being used more often every year to access work email and applications.
A mobile device management platform can allow you to easily lock a tablet or smart phone if it’s lost or stolen or wipe all the data clean, securing that user’s email and your business network.
Interested in an Email Security Review or Training?
How strong is your email security? If you’re unsure, our Connect2Geek security experts would be happy to do a security review and let you know if your business has any vulnerabilities.
Need a refresher training for your team (one that’s both FUN and informative)? We can do that too!
Schedule a chat with us today by phone 208-468-4323 or online. We look forward to helping your business become more secure.