Top tips for keeping corporate Email secure
A perfect example is last year’s catastrophic breach at Sony Entertainment, an event which underscores how no company is safe from attack.
For highly regulated industries like financial and legal services, the consequences of a breach can be disastrous. Email security solutions like email encryption are now a crucial asset for industry professionals, representing an important line of defence as well as facilitating compliance. Here are a couple of top tips that companies can put in place to keep their email communications secure:
1. Don’t forget about internal threats
Despite companies installing anti-spam, anti-malware, encryption and monitoring tools, there is still a chance that attacks can get through. That’s because cyber criminals exploit a company’s weakest asset – it’s people. Employees are the biggest threat to any organisation’s cyber security policy. According to Gartner, 84 per cent of high cost security incidents result from employees sending confidential data outside of the company. Despite this, only half of companies are implementing employee training schemes. Employee training is the most effective way of combatting employee negligence resulting in data loss.
2. Back to basics
Email security can be complicated, but it doesn’t need to be. Good email encryption solutions should make the process simple for both senders and recipients, while still keeping non-public personal information secure. Policy based email solutions remove the responsibility for security from individual employees by detecting specified keywords, attachments or number patterns like credit cards or National Insurance numbers.
3. Plan ahead
Most email security solutions have very basic requirements that companies need to have in place before implementation. Sometimes an element or two might be missing, such as an updated version of an operating system or applications or having TLS implemented on an email server. Having up-to-date systems guarantees a simple and smooth implementation of email encryption.
4. Don’t forget about mobile
Nearly everyone today carries a smartphone, whether their own personal device, a corporate issued device, or a personal device that employees are using for work purposes. However, mobile devices can easily be lost or compromised by hackers or malicious software. Malware that attacks mobile devices is becoming more sophisticated than ever before. BYOD policies need to account for these risks and should include safeguarding and tips for device management.
5. Stay ahead of the curve
With security breaches constantly hitting the headlines, companies need to stay ahead of the curve when it comes to new security threats and management techniques. It’s not just IT that needs to be aware of the changing security landscape – every employee has a duty of care to ensure that all communications with clients and suppliers are secure. Reading up on the ever evolving industry is an important first step to ensure end-to-end data security and compliance.
Whether or not your business is legally required to keep data in transit safe, sending email in the clear is simply no longer acceptable. Your customers expect their data to be handled securely and your employees need an encryption solution that works across all of their devices and is easy to use.
About the author:
Jacob Ginsberg is Senior Director of Products at Echoworx – www.echoworx.com