312-253-4321    Get SUPPORT

Alchetec Blog

Tip of the Week: Getting Back to Email Security Basics

Tip of the Week: Getting Back to Email Security Basics

Email is a particular favorite attack vector of many who would do wrong by your business, as it is easily one of the most used communications in most businesses today. Do your employees know how large of a responsibility they have to your business’ security just by using email? In order to prevent unfortunate security blunders, you need to make sure you and your employees know a few best practices when it comes to handling email securely.

For this week’s tip, we’ll review these best practices.

Passwords
Yes, it can be annoying to have to enter a password everywhere, and yes, it can be hard to remember a different one for every account. However, your employees need to know why they have to deal with these annoyances, too, and why they can’t just use their pet’s name with the year they graduated and call it a day.

The fact of the matter is, too many people want to do just that: significant personal detail, significant number, password done. Cybercriminals know this, and are more than willing to put in the time and effort to find out about one of your employees if it gets them access to a bigger prize. Using social engineering tactics and studying what they can of online activity, these criminals can gain a significant amount of information about your employees (or even you) with relatively little effort. Without better password practices put in place, they could then likely deduce the password of someone in your organization and from there, they’re in… especially if your email password is reused repeatedly to gain access to other facets of the business.

If remembering x-amount of different passwords is a concern, work with your team and implement a password manager, or a program specifically designed to protect passwords and reduce the number that have to be recalled.

Depending on how your company deals with email, for example, if you are using Outlook, your employees probably aren’t typing in their email passwords very often, if at all. This puts the email password even further from top of mind, but it’s important to remember that these passwords need to be changed regularly and kept secure.

2FA, or Two-Factor Authentication
What’s more secure than a password? Two passwords - or at least, a password and an additional code that is generated when an account is being accessed. This is how 2FA works - in addition to their usual password, an employee needs to provide a generated code (usually obtained via their mobile device) in order to access an account. As a result, a hacker who happened to steal some passwords from some database somewhere still wouldn’t have enough information to access your accounts--and because the second piece of authentication is delivered by some other means, like a number generated by an authentication app on the user’s mobile device, the hacker would have that much harder of a time obtaining that as well.

Clicking What Shouldn’t Be Clicked
There is an unfortunate tendency to automatically trust things that come in via our email, whether its an attachment or a link, as these are commonly used avenues for cyberthreats to come in by. This is probably because these attacks can be effective against any level of an organization - an intern could mistakenly let in a threat, as could the president or CEO and anyone in between.

These threats are often known as phishing scams, as the attacker simply casts out their net and waits for someone to take the bait. These scams often leverage emails that include links to quite convincing facsimiles of the site the link purports to direct to. Unfortunately, this only makes phishing a bigger threat.

Another favorite attack like this that cybercriminals like to use is to include a good, old-fashioned virus in an attachment. If you aren’t expecting an attachment in an email, don’t click it! In addition, it always helps to run a quick virus scan if you aren’t sure.

For help in running these scans and maintaining your security, or with any other IT questions you may have, you can always turn to the professionals at Alchetec. Reach out to us by calling 312-253-4321.

Which is Best for Your Server Needs, In-House or H...
WPA3 is Boosting Network Security
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, September 21 2018

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Best Practices Technology Cloud Privacy Business Computing Malware IT Services Email Hackers Network Security Outsourced IT Managed IT Services Software Productivity Data Backup Internet Hosted Solutions Data Tech Term Ransomware Microsoft IT Support Computer Backup Business Mobile Devices Data Recovery Cloud Computing Innovation Business Continuity Productivity Hardware Small Business Android Smartphone Data Management IT Support User Tips Google Disaster Recovery VoIP Managed IT Internet of Things Communication Paperless Office Remote Monitoring Windows 10 Artificial Intelligence Managed Service Provider BYOD Browser Cybersecurity Workplace Tips Social Media Smartphones Business Management Phishing Applications Save Money Passwords Facebook Encryption Efficiency Office 365 Mobile Device Compliance Network SaaS Server Telephone Systems Wi-Fi Tip of the week Document Management Recovery Holiday Infrastructure Risk Management Unified Threat Management Government Managed IT Services Saving Money Virtualization Training Going Green Chrome Windows 10 Vendor Management Word Regulations Data Storage Data Security File Sharing Collaboration Two-factor Authentication Bandwidth Password Files Windows Healthcare Money Hosted Solution Firewall Router Antivirus Managed Service Robot Data loss Storage Gmail Vulnerability Employer-Employee Relationship IT Management App Website Project Management BDR Virtual Reality IT Service Work/Life Balance Quick Tips Monitors Mobile Security Maintenance Wireless Virtual Private Network Mobile Device Management Computing Alert Business Technology Automation Flexibility Samsung Assessment Unified Communications Digital Payment Bring Your Own Device Apps Help Desk Identity Theft The Internet of Things Outlook Patch Management Smart Technology Office Chromebook Upgrades Licensing Computers Microsoft Office Information Tablet HIPAA Customer Relationship Management Twitter Redundancy Politics Big Data Health Network Management Machine Learning Scam Internet Exlporer Server Management How To Remote Computing Analytics Blockchain IoT Miscellaneous Mobility How To Upgrade VPN Uninterrupted Power Supply Emoji Electronic Health Records Trending Legislation Social Networking MSP Networking GPS YouTube Cache Consulting Websites Access Control Google Maps Mirgation Spam High-Speed Internet IT Solutions Processors Permissions Star Wars Search Data Breach Supercomputer Staff Company Culture USB Specifications Travel Break Fix Nanotechnology Legal Law Enforcement OneNote Recycling Cyberattacks Content Filtering History Black Friday Motherboard Personal Information Proactive Google Drive Tracking Settings Hotspot Update Managed Services Provider Statistics SharePoint Migration Development Firefox Network Congestion Corporate Profile Fraud Utility Computing Employee-Employer Relationship Technology Laws IT Budget Operations Managing Stress Humor Mail Merge Solid State Drive Dark Web Screen Reader Gadget Language eWaste Augmented Reality Read Only Cortana Shortcut Software as a Service G Suite Cabling Cyber Monday Mobile Computing Virus Remote Monitoring and Management Avoiding Downtime End of Support Techology Digital Point of Sale Bluetooth Printing Downloads Chatbots Tech Support Cables Wires Lenovo Education Computer Care WannaCry Wireless Technology Remote Workers Heating/Cooling Unified Threat Management Wearable Technology IBM Enterprise Content Management Black Market Office Tips Address Taxes Hard Disk Drive Data Warehousing Smart Tech Safety Spyware Computing Infrastructure Management Technology Tips Hacker Computer Repair Crowdsourcing WPA3 Time Management Disaster Resistance Botnet E-Commerce Multi-Factor Security Gadgets Identity Notifications Consultation Superfish Net Neutrality Cost Management Servers User Error Vulnerabilities Physical Security Microsoft Excel Connectivity Sports Alerts Enterprise Resource Planning Business Growth Communications Unsupported Software Mouse Disaster Distributed Denial of Service Modem Fleet Tracking Proactive IT Features Hacking 3D Printing Google Calendar Software Tips Social Display WiFi VoIP Hard Drive Monitoring Printer Apple IT Technicians Customer Service Geography Dark Data Telephony IT Consulting Cooperation Mobile Automobile Mobile Data Comparison Managed IT Service Cookies Electronic Medical Records Asset Tracking Touchscreen Social Engineering Relocation Domains Hard Drives Emergency Information Technology Private Cloud Public Speaking Cleaning Presentation Motion Sickness Lithium-ion battery Error Downtime 5G Public Cloud Printers Marketing Hiring/Firing Sync Budget Staffing IT Consultant Competition CrashOverride IP Address Fun Mobile Device Managment Users Hacks Regulation Administrator Cybercrime Mobile Office