Since quite a long ago, email tools are absolutely essential in any company and since it came into our lives, it changed the way we communicate both internally and externally. No doubt it is an application with endless virtues, but like many others, it is not without risks and cybercriminals are very aware of this and take it into account. Today attacks that affect email services can be very different and the damage they cause can be very high, so it is very important to be careful of how we use our email, since it could thwart the whole company. To that end, the best option is to have a good cybersecurity service.
Â
Regarding the Internet, it is very important to have the as-safe-as-possible passwords, because cybercriminals have lots of tools to get around security systems and a simple password would make the whole process easier.
Â
Bear in mind that ransomware attacks are quite common today, and they're still one of the most relevant threats for the last decade, where thay affect 50% of the Spanish companies.
Â
Despite all protections and precautions taken, they may get access and block your information. With the appropriate periodic backup policy, not only will you avoid losing information in case of a mobile device theft or loss (smartphone, laptop...), but also avoid information theft in those cyberattacks where data access is encrypted or blocked.
Â
If your data are backed up every once in a while to a remote location, you may recover them easily and quicky, affecting your business, your work and your clients as little as possible. Of course without paying an unnecessary ransom that will negatively affect the corporate image.
Â
Therefore, it is important to use safe devices and locations to store those backups. Information recovery must be guaranteed at any time and under any kind of situation. Carrying out tests or drills to guarantee backup integrity must be an essential task comprised in your safety policies.
To carry out good email security management:
- Not open any link nor download any attached file coming from any email that presents any suspicious features or patterns out of the ordinary.
Â
- Using security software, antivirus and antimalware tools, personal firewalls, safe deletion tools, etc. must be mandatory when using a device.
Â
- Limiting the surface exposed to threats, not only should you implement security measures that protect access to information, but also determine extrictly necessary services.
Â
- Encrypt sensitive information, there's no other alternative. Double authentication factor. Use passwords adapted to the feature, staying aware of the fact that double authentication is already a need.
Â
- Safely delete information once it is not necessary anymore or the support itself is not going to be used anymore.
Â
- Do periodic backups, there is no other aleternative in case you get infected by malicious code like ransomware, data loss, storage hardware breakdowns, unintentional information deletion by users, etc.
Â
- Keeping applications updated as well as the operaiting system is the best way to avoid making things easy to a potential threat.
Â
- Check regularly the applied security configuration, application permissions and security options.
Â
- Don't trust only the sender's name. Users must check that the domain itself of the received email is trustworthy. If an email received from a known user requests unusual information, contact the sender by phone or other means to verify its legitimacy.
Â
- Before opening any file downloaded from your email, check the extension and don't trust the @icon it has associated. Don't enable macros from office documents even if the file itself requests it.
Â
- Don't click on any link that requests personal data or your bank data.
Â
- Use security tools together with your antivirus software.
Â
- Avoid clicking directly on any link from the email client itself. If the link is unknown, it is advisable to look for its information in search engines like Google or Bing.
Â
- Using safe passwords for accessing your email. You should change passwords once in a while and if possible use the double authentication factor.