312-253-4321    Get SUPPORT

Alchetec Blog

Tip of the Week: Getting Back to Email Security Basics

Tip of the Week: Getting Back to Email Security Basics

Email is a particular favorite attack vector of many who would do wrong by your business, as it is easily one of the most used communications in most businesses today. Do your employees know how large of a responsibility they have to your business’ security just by using email? In order to prevent unfortunate security blunders, you need to make sure you and your employees know a few best practices when it comes to handling email securely.

For this week’s tip, we’ll review these best practices.

Passwords
Yes, it can be annoying to have to enter a password everywhere, and yes, it can be hard to remember a different one for every account. However, your employees need to know why they have to deal with these annoyances, too, and why they can’t just use their pet’s name with the year they graduated and call it a day.

The fact of the matter is, too many people want to do just that: significant personal detail, significant number, password done. Cybercriminals know this, and are more than willing to put in the time and effort to find out about one of your employees if it gets them access to a bigger prize. Using social engineering tactics and studying what they can of online activity, these criminals can gain a significant amount of information about your employees (or even you) with relatively little effort. Without better password practices put in place, they could then likely deduce the password of someone in your organization and from there, they’re in… especially if your email password is reused repeatedly to gain access to other facets of the business.

If remembering x-amount of different passwords is a concern, work with your team and implement a password manager, or a program specifically designed to protect passwords and reduce the number that have to be recalled.

Depending on how your company deals with email, for example, if you are using Outlook, your employees probably aren’t typing in their email passwords very often, if at all. This puts the email password even further from top of mind, but it’s important to remember that these passwords need to be changed regularly and kept secure.

2FA, or Two-Factor Authentication
What’s more secure than a password? Two passwords - or at least, a password and an additional code that is generated when an account is being accessed. This is how 2FA works - in addition to their usual password, an employee needs to provide a generated code (usually obtained via their mobile device) in order to access an account. As a result, a hacker who happened to steal some passwords from some database somewhere still wouldn’t have enough information to access your accounts--and because the second piece of authentication is delivered by some other means, like a number generated by an authentication app on the user’s mobile device, the hacker would have that much harder of a time obtaining that as well.

Clicking What Shouldn’t Be Clicked
There is an unfortunate tendency to automatically trust things that come in via our email, whether its an attachment or a link, as these are commonly used avenues for cyberthreats to come in by. This is probably because these attacks can be effective against any level of an organization - an intern could mistakenly let in a threat, as could the president or CEO and anyone in between.

These threats are often known as phishing scams, as the attacker simply casts out their net and waits for someone to take the bait. These scams often leverage emails that include links to quite convincing facsimiles of the site the link purports to direct to. Unfortunately, this only makes phishing a bigger threat.

Another favorite attack like this that cybercriminals like to use is to include a good, old-fashioned virus in an attachment. If you aren’t expecting an attachment in an email, don’t click it! In addition, it always helps to run a quick virus scan if you aren’t sure.

For help in running these scans and maintaining your security, or with any other IT questions you may have, you can always turn to the professionals at Alchetec. Reach out to us by calling 312-253-4321.

Which is Best for Your Server Needs, In-House or H...
WPA3 is Boosting Network Security
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, January 19 2019

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Cloud Business Computing Malware Hackers Privacy Network Security Outsourced IT IT Services Email Software Productivity Data Backup Hosted Solutions Productivity Managed IT Services Internet Data Business Tech Term Ransomware Innovation Data Recovery Microsoft Computer IT Support Backup Hardware Mobile Devices Business Continuity Small Business Cloud Computing Google IT Support Android Smartphone User Tips Internet of Things Data Management Paperless Office VoIP Remote Monitoring Disaster Recovery Browser Managed IT Managed Service Provider Smartphones Managed IT Services Efficiency Business Management Communication Collaboration Artificial Intelligence Save Money Encryption Windows 10 Social Media Cybersecurity Holiday Windows 10 BYOD Mobile Device Passwords Workplace Tips Phishing Server Office 365 Applications Facebook Wi-Fi Government Employer-Employee Relationship Antivirus Compliance Network SaaS Document Management Vulnerability Telephone Systems IT Management Scam Bandwidth Project Management Infrastructure Healthcare Recovery Saving Money Upgrade Unified Threat Management BDR Risk Management Tip of the week Communications IT Service Work/Life Balance Virtualization Going Green Training Vendor Management Microsoft Office Customer Relationship Management Data Storage Windows Regulations File Sharing Firewall Website Data loss Password Quick Tips Files Router Chrome Bring Your Own Device Help Desk Money Office Wireless Data Security Hosted Solution Robot Mobile Device Management Storage Politics Two-factor Authentication Blockchain Gmail Maintenance App Managed Service Word Information Virtual Reality Patch Management Electronic Medical Records Company Culture Monitors Apps Redundancy The Internet of Things Network Management Computing Server Management Alert Analytics Digital Payment Big Data Flexibility Automation Identity Theft VPN Unified Communications Customer Service Miscellaneous Licensing Access Control Samsung Smart Technology Tablet Employees Printing Virtual Private Network HIPAA Remote Monitoring and Management Outlook Chromebook Computers Business Technology Upgrades Internet Exlporer Uninterrupted Power Supply Remote Workers Twitter Mobility How To Health IoT Machine Learning Social Assessment Mobile Security Remote Computing How To Fleet Tracking Tech Terms Mobile Data Tech Support Automobile Mirgation High-Speed Internet Tracking Settings Technology Tips Bookmarks Social Engineering Wireless Technology Permissions Star Wars Content Filtering Time Management History Disaster Resistance IBM Emoji Staff Corporate Profile Multi-Factor Security Features Safety Break Fix Nanotechnology Consultation Superfish Human Error Hotspot Recycling Servers Solid State Drive User Error Monitoring ROI Hacker IT Solutions Processors Black Friday Motherboard IT Budget Authentication Cabling Proactive IT Asset Tracking Theft Gadgets USB Migration Development Digital Mouse Search Favorites Legal Law Enforcement Fraud Utility Computing G Suite Private Cloud Operations Managing Stress Computer Care Hacking WannaCry Google Calendar Electronic Health Records Personal Information Dark Web Screen Reader Downtime MSP Permission Language eWaste Taxes Hard Disk Drive Printer Consulting Network Congestion Cyber Monday Mobile Computing Authorization Update Touchscreen IT Consulting OneNote Humor Financial Users Chatbots Cables Spyware Comparison Conferencing Gadget Wearable Technology Enterprise Content Management Trending Legislation Cyberattacks End of Support Virus Data Warehousing Smart Tech Networking Proactive Cortana Test Computing Infrastructure Management Websites Managed Services Provider Education Net Neutrality Cost Management Disaster Data Breach Employee-Employer Relationship Office Tips Procurement Black Market Identity Specifications Meetings Spam Vulnerabilities WiFi VoIP Read Only Computer Repair Crowdsourcing Microsoft Excel Connectivity Google Drive Software Tips RMM Botnet Alerts Enterprise Resource Planning Statistics SharePoint Point of Sale Notifications Distributed Denial of Service Modem Firefox Apple Wires Zero-Day Threat Hard Drive Technology Laws Security Cameras Physical Security Mail Merge Instant Messaging Sports Operating System Unsupported Software Business Growth IT Technicians Geography GPS Shortcut YouTube Software as a Service Avoiding Downtime Techology WPA3 Cooperation Mobile Bluetooth Downloads E-Commerce Display Managed IT Service Cookies Google Maps Lenovo Backup and Disaster Recovery 3D Printing Cache Travel Heating/Cooling Unified Threat Management Dark Data Remote Worker Social Networking Supercomputer Address Finance Augmented Reality Telephony 5G Relocation Cleaning Regulation Motion Sickness Marketing Hard Drives Budget Competition Notes IP Address Error Staffing Sync IT Consultant Mobile Office Emergency CrashOverride Domains Public Cloud Mobile Device Managment Administrator Hiring/Firing Cybercrime Public Speaking Fun Printers Presentation Information Technology Lithium-ion battery Hacks