312-253-4321    Get SUPPORT

Alchetec Blog

Tip of the Week: Getting Back to Email Security Basics

Tip of the Week: Getting Back to Email Security Basics

Email is a particular favorite attack vector of many who would do wrong by your business, as it is easily one of the most used communications in most businesses today. Do your employees know how large of a responsibility they have to your business’ security just by using email? In order to prevent unfortunate security blunders, you need to make sure you and your employees know a few best practices when it comes to handling email securely.

For this week’s tip, we’ll review these best practices.

Passwords
Yes, it can be annoying to have to enter a password everywhere, and yes, it can be hard to remember a different one for every account. However, your employees need to know why they have to deal with these annoyances, too, and why they can’t just use their pet’s name with the year they graduated and call it a day.

The fact of the matter is, too many people want to do just that: significant personal detail, significant number, password done. Cybercriminals know this, and are more than willing to put in the time and effort to find out about one of your employees if it gets them access to a bigger prize. Using social engineering tactics and studying what they can of online activity, these criminals can gain a significant amount of information about your employees (or even you) with relatively little effort. Without better password practices put in place, they could then likely deduce the password of someone in your organization and from there, they’re in… especially if your email password is reused repeatedly to gain access to other facets of the business.

If remembering x-amount of different passwords is a concern, work with your team and implement a password manager, or a program specifically designed to protect passwords and reduce the number that have to be recalled.

Depending on how your company deals with email, for example, if you are using Outlook, your employees probably aren’t typing in their email passwords very often, if at all. This puts the email password even further from top of mind, but it’s important to remember that these passwords need to be changed regularly and kept secure.

2FA, or Two-Factor Authentication
What’s more secure than a password? Two passwords - or at least, a password and an additional code that is generated when an account is being accessed. This is how 2FA works - in addition to their usual password, an employee needs to provide a generated code (usually obtained via their mobile device) in order to access an account. As a result, a hacker who happened to steal some passwords from some database somewhere still wouldn’t have enough information to access your accounts--and because the second piece of authentication is delivered by some other means, like a number generated by an authentication app on the user’s mobile device, the hacker would have that much harder of a time obtaining that as well.

Clicking What Shouldn’t Be Clicked
There is an unfortunate tendency to automatically trust things that come in via our email, whether its an attachment or a link, as these are commonly used avenues for cyberthreats to come in by. This is probably because these attacks can be effective against any level of an organization - an intern could mistakenly let in a threat, as could the president or CEO and anyone in between.

These threats are often known as phishing scams, as the attacker simply casts out their net and waits for someone to take the bait. These scams often leverage emails that include links to quite convincing facsimiles of the site the link purports to direct to. Unfortunately, this only makes phishing a bigger threat.

Another favorite attack like this that cybercriminals like to use is to include a good, old-fashioned virus in an attachment. If you aren’t expecting an attachment in an email, don’t click it! In addition, it always helps to run a quick virus scan if you aren’t sure.

For help in running these scans and maintaining your security, or with any other IT questions you may have, you can always turn to the professionals at Alchetec. Reach out to us by calling 312-253-4321.

Which is Best for Your Server Needs, In-House or H...
WPA3 is Boosting Network Security
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, November 19 2018

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Cloud Business Computing Malware Privacy IT Services Email Hackers Data Backup Network Security Outsourced IT Software Managed IT Services Internet Productivity Hosted Solutions Data Productivity Tech Term Business Microsoft Computer Data Recovery Ransomware Innovation IT Support Backup Mobile Devices Business Continuity Cloud Computing Hardware IT Support Small Business Smartphone Google Android User Tips Data Management Managed Service Provider Managed IT VoIP Paperless Office Communication Remote Monitoring Disaster Recovery Browser Internet of Things Windows 10 Encryption BYOD Cybersecurity Mobile Device Efficiency Business Management Workplace Tips Collaboration Artificial Intelligence Wi-Fi Facebook Passwords Applications Managed IT Services Government Phishing Server Office 365 Save Money Smartphones Social Media Project Management Infrastructure Recovery Holiday Windows 10 Unified Threat Management Risk Management BDR Tip of the week Compliance Network SaaS Saving Money Telephone Systems Vulnerability Document Management Bandwidth Wireless Hosted Solution Healthcare Firewall Office Password Robot Data loss Files Storage Help Desk Chrome Two-factor Authentication Router Gmail Money Data Security App Employer-Employee Relationship Politics Virtualization Maintenance Going Green Virtual Reality Vendor Management IT Service Word Work/Life Balance Customer Relationship Management Data Storage Regulations Antivirus Website Training Windows Managed Service IT Management File Sharing Information Bring Your Own Device Automation Server Management Analytics Digital Payment Mobile Device Management Unified Communications VPN Identity Theft Outlook Licensing Computers Samsung Upgrades Quick Tips Tablet Smart Technology Virtual Private Network HIPAA Chromebook Twitter How To Business Technology Communications Apps Internet Exlporer Uninterrupted Power Supply Health Mobility How To Machine Learning Blockchain IoT Monitors The Internet of Things Remote Computing Microsoft Office Assessment Mobile Security Patch Management Big Data Remote Monitoring and Management Remote Workers Flexibility Miscellaneous Redundancy Customer Service Computing Network Management Upgrade Alert Scam Office Tips Printer Language eWaste Taxes Hard Disk Drive Finance Gadget Spam Cyber Monday Mobile Computing Touchscreen IT Consulting Bookmarks Virus Comparison Chatbots Cables Spyware Fleet Tracking Data Warehousing Smart Tech Features Trending Legislation Wearable Technology Enterprise Content Management Human Error Networking Monitoring Black Market Websites Access Control Computing Infrastructure Management Authentication Asset Tracking Unsupported Software Data Breach Net Neutrality Cost Management Disaster Favorites Computer Repair Crowdsourcing Specifications Identity Google Drive Botnet Microsoft Excel Connectivity Software Tips Electronic Health Records Display Notifications Augmented Reality Vulnerabilities WiFi VoIP MSP Permission 3D Printing Distributed Denial of Service Modem Apple Consulting Dark Data Physical Security Statistics SharePoint Wireless Technology Alerts Enterprise Resource Planning Authorization Sports Firefox Tech Support OneNote Mobile Data Business Growth Technology Laws Safety Hard Drive Conferencing Social Engineering Mail Merge IBM Avoiding Downtime Techology Hacker Cyberattacks Social Shortcut Software as a Service IT Technicians Geography GPS YouTube Proactive Test Managed IT Service Cookies Google Maps Managed Services Provider Bluetooth Downloads Cooperation Mobile Employees Telephony Lenovo Gadgets Employee-Employer Relationship Heating/Cooling Automobile Unified Threat Management Cache Travel Search Meetings Electronic Medical Records Address Social Networking Supercomputer Emoji Time Management Disaster Resistance Permissions Star Wars Content Filtering History Read Only Technology Tips Mirgation High-Speed Internet Tracking Settings Break Fix Nanotechnology Point of Sale Network Congestion IT Solutions Processors Multi-Factor Security Staff Company Culture Corporate Profile Wires Zero-Day Threat Consultation Superfish Users Humor USB Servers User Error Hotspot Recycling Solid State Drive Instant Messaging Legal Law Enforcement Black Friday Motherboard IT Budget Proactive IT Fraud Utility Computing G Suite Cabling End of Support Personal Information Mouse Migration Development Digital WPA3 Cortana Dark Web Screen Reader E-Commerce Education Hacking Google Calendar Operations Managing Stress Computer Care WannaCry Backup and Disaster Recovery Printing Update Error Sync Public Speaking Staffing Regulation Hiring/Firing Presentation IT Consultant Emergency Public Cloud Lithium-ion battery Fun CrashOverride Mobile Device Managment Administrator 5G Cybercrime Marketing Hacks Information Technology Hard Drives Budget Competition Relocation IP Address RMM Cleaning Motion Sickness Private Cloud Mobile Office Printers Downtime Domains