312-253-4321    Get SUPPORT

Alchetec Blog

Tip of the Week: Getting Back to Email Security Basics

Tip of the Week: Getting Back to Email Security Basics

Email is a particular favorite attack vector of many who would do wrong by your business, as it is easily one of the most used communications in most businesses today. Do your employees know how large of a responsibility they have to your business’ security just by using email? In order to prevent unfortunate security blunders, you need to make sure you and your employees know a few best practices when it comes to handling email securely.

For this week’s tip, we’ll review these best practices.

Passwords
Yes, it can be annoying to have to enter a password everywhere, and yes, it can be hard to remember a different one for every account. However, your employees need to know why they have to deal with these annoyances, too, and why they can’t just use their pet’s name with the year they graduated and call it a day.

The fact of the matter is, too many people want to do just that: significant personal detail, significant number, password done. Cybercriminals know this, and are more than willing to put in the time and effort to find out about one of your employees if it gets them access to a bigger prize. Using social engineering tactics and studying what they can of online activity, these criminals can gain a significant amount of information about your employees (or even you) with relatively little effort. Without better password practices put in place, they could then likely deduce the password of someone in your organization and from there, they’re in… especially if your email password is reused repeatedly to gain access to other facets of the business.

If remembering x-amount of different passwords is a concern, work with your team and implement a password manager, or a program specifically designed to protect passwords and reduce the number that have to be recalled.

Depending on how your company deals with email, for example, if you are using Outlook, your employees probably aren’t typing in their email passwords very often, if at all. This puts the email password even further from top of mind, but it’s important to remember that these passwords need to be changed regularly and kept secure.

2FA, or Two-Factor Authentication
What’s more secure than a password? Two passwords - or at least, a password and an additional code that is generated when an account is being accessed. This is how 2FA works - in addition to their usual password, an employee needs to provide a generated code (usually obtained via their mobile device) in order to access an account. As a result, a hacker who happened to steal some passwords from some database somewhere still wouldn’t have enough information to access your accounts--and because the second piece of authentication is delivered by some other means, like a number generated by an authentication app on the user’s mobile device, the hacker would have that much harder of a time obtaining that as well.

Clicking What Shouldn’t Be Clicked
There is an unfortunate tendency to automatically trust things that come in via our email, whether its an attachment or a link, as these are commonly used avenues for cyberthreats to come in by. This is probably because these attacks can be effective against any level of an organization - an intern could mistakenly let in a threat, as could the president or CEO and anyone in between.

These threats are often known as phishing scams, as the attacker simply casts out their net and waits for someone to take the bait. These scams often leverage emails that include links to quite convincing facsimiles of the site the link purports to direct to. Unfortunately, this only makes phishing a bigger threat.

Another favorite attack like this that cybercriminals like to use is to include a good, old-fashioned virus in an attachment. If you aren’t expecting an attachment in an email, don’t click it! In addition, it always helps to run a quick virus scan if you aren’t sure.

For help in running these scans and maintaining your security, or with any other IT questions you may have, you can always turn to the professionals at Alchetec. Reach out to us by calling 312-253-4321.

Which is Best for Your Server Needs, In-House or H...
WPA3 is Boosting Network Security
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, April 24 2019

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Cloud Business Computing Productivity Malware Hackers Privacy IT Services Network Security Email Data Backup Software Hosted Solutions Outsourced IT Internet Data Productivity Managed IT Services Business Data Recovery Innovation Tech Term Computer Microsoft Ransomware Cloud Computing Hardware IT Support Small Business IT Support Backup Business Continuity Mobile Devices Google Efficiency Business Management User Tips Managed IT Services Collaboration Paperless Office Remote Monitoring VoIP Android Communication Workplace Tips Internet of Things Data Management Upgrade Smartphone Phishing Disaster Recovery Server Cybersecurity Windows 10 Browser Managed Service Provider Managed IT Smartphones Passwords Encryption Save Money Artificial Intelligence Office 365 BYOD Social Media Mobile Device Holiday Windows 10 Communications Applications Facebook Saving Money Employer-Employee Relationship Document Management Compliance Risk Management Wi-Fi Government Unified Threat Management Healthcare BDR Business Technology Microsoft Office Tip of the week SaaS Telephone Systems Bandwidth Antivirus Automation Managed Service Information Recovery Vulnerability Windows IT Management Scam Analytics Project Management Infrastructure Network Quick Tips Vendor Management Chrome Regulations Data Storage Apps Data Security Virtual Reality IT Service Work/Life Balance Router Training Customer Relationship Management Maintenance Bring Your Own Device Word Hosted Solution Website Office File Sharing Robot Blockchain Storage Gmail Password Files Wireless App Mobile Device Management Help Desk Money Two-factor Authentication Firewall Virtualization VPN Going Green Data loss Politics Tablet Machine Learning Virtual Private Network Social Unified Communications Remote Computing Proactive Employees Flexibility Electronic Medical Records The Internet of Things Management Uninterrupted Power Supply Smart Technology Mobility How To Net Neutrality Printing Software as a Service Remote Monitoring and Management HIPAA Assessment Big Data Computing Outlook Remote Workers Customer Service Internet Exlporer Upgrades Patch Management Alert Miscellaneous Settings Computers IoT Cooperation Redundancy Mobile Security Samsung Network Management How To Server Management Company Culture Digital Payment Chromebook Identity Theft Monitors Licensing Twitter Networking Access Control Health Tech Support Language eWaste Disaster Conferencing Shared resources Specifications Wireless Technology Cyber Monday Mobile Computing OneNote Financial Data Breach Telephony IBM Software Tips Cyberattacks Voice over Internet Protocol Safety Chatbots WiFi Cables VoIP Test Network Congestion Google Drive PowerPoint Statistics SharePoint Automobile Hacker Wearable Technology Enterprise Content Management Humor Firefox Data Warehousing Smart Tech Apple Managed Services Provider Technology Laws Emoji Gadgets Computing Infrastructure Meetings Cortana Mail Merge Employee-Employer Relationship Procurement End of Support Cost Management Read Only Windows 7 Shortcut IT Solutions Processors Identity GPS YouTube RMM Education Avoiding Downtime Techology Microsoft Excel Connectivity Google Maps Point of Sale Professional Services Bluetooth Downloads USB Wires Vulnerabilities Zero-Day Threat Office Tips Lenovo Legal Law Enforcement Heating/Cooling Unified Threat Management Private Cloud Users Alerts Travel Enterprise Resource Planning Instant Messaging Address Personal Information Distributed Denial of Service Modem Supercomputer Security Cameras Update Content Filtering Hard Drive History Transportation Technology Tips Tracking WPA3 Operating System Time Management Disaster Resistance E-Commerce Virtual Assistant Multi-Factor Security IT Technicians Geography Corporate Profile Backup and Disaster Recovery Consultation Superfish Gadget Servers User Error Mobile Solid State Drive Finance Unsupported Software Virus Managed IT Service Cookies IT Budget Remote Worker Spam G Suite Cache Cabling Bookmarks 3D Printing Mouse Social Networking Fleet Tracking Digital Tech Terms Display Proactive IT Permissions Downtime Star Wars Features Wasting Time Hacking Google Calendar Black Market Mirgation Computer Care High-Speed Internet WannaCry Human Error Dark Data Social Engineering Printer Staff Taxes Hard Disk Drive Authentication Mobile Data Computer Repair Crowdsourcing Break Fix Nanotechnology Monitoring ROI Botnet Hotspot Recycling Favorites Teamwork Comparison Notifications Black Friday Motherboard Asset Tracking Spyware Theft Touchscreen IT Consulting Fraud Utility Computing Electronic Health Records Database Trending Legislation Physical Security Migration MSP Development Permission Sports Search Websites Business Growth Operations Managing Stress Authorization Augmented Reality Dark Web Screen Reader Consulting Notes Hacks 5G CrashOverride Mobile Device Managment Marketing Administrator Relocation Budget Cybercrime Competition IP Address Information Technology Printers Hiring/Firing Mobile Office Cleaning Error Motion Sickness Domains Fun Students Regulation Public Cloud Public Speaking Presentation Sync Hard Drives Lithium-ion battery Staffing IT Consultant Emergency