301-571-5040    Get SUPPORT

Washington Works Blog

Tip of the Week: Getting Back to Email Security Basics

Tip of the Week: Getting Back to Email Security Basics

Email is a particular favorite attack vector of many who would do wrong by your business, as it is easily one of the most used communications in most businesses today. Do your employees know how large of a responsibility they have to your business’ security just by using email? In order to prevent unfortunate security blunders, you need to make sure you and your employees know a few best practices when it comes to handling email securely.

For this week’s tip, we’ll review these best practices.

Passwords
Yes, it can be annoying to have to enter a password everywhere, and yes, it can be hard to remember a different one for every account. However, your employees need to know why they have to deal with these annoyances, too, and why they can’t just use their pet’s name with the year they graduated and call it a day.

The fact of the matter is, too many people want to do just that: significant personal detail, significant number, password done. Cybercriminals know this, and are more than willing to put in the time and effort to find out about one of your employees if it gets them access to a bigger prize. Using social engineering tactics and studying what they can of online activity, these criminals can gain a significant amount of information about your employees (or even you) with relatively little effort. Without better password practices put in place, they could then likely deduce the password of someone in your organization and from there, they’re in… especially if your email password is reused repeatedly to gain access to other facets of the business.

If remembering x-amount of different passwords is a concern, work with your team and implement a password manager, or a program specifically designed to protect passwords and reduce the number that have to be recalled.

Depending on how your company deals with email, for example, if you are using Outlook, your employees probably aren’t typing in their email passwords very often, if at all. This puts the email password even further from top of mind, but it’s important to remember that these passwords need to be changed regularly and kept secure.

2FA, or Two-Factor Authentication
What’s more secure than a password? Two passwords - or at least, a password and an additional code that is generated when an account is being accessed. This is how 2FA works - in addition to their usual password, an employee needs to provide a generated code (usually obtained via their mobile device) in order to access an account. As a result, a hacker who happened to steal some passwords from some database somewhere still wouldn’t have enough information to access your accounts--and because the second piece of authentication is delivered by some other means, like a number generated by an authentication app on the user’s mobile device, the hacker would have that much harder of a time obtaining that as well.

Clicking What Shouldn’t Be Clicked
There is an unfortunate tendency to automatically trust things that come in via our email, whether its an attachment or a link, as these are commonly used avenues for cyberthreats to come in by. This is probably because these attacks can be effective against any level of an organization - an intern could mistakenly let in a threat, as could the president or CEO and anyone in between.

These threats are often known as phishing scams, as the attacker simply casts out their net and waits for someone to take the bait. These scams often leverage emails that include links to quite convincing facsimiles of the site the link purports to direct to. Unfortunately, this only makes phishing a bigger threat.

Another favorite attack like this that cybercriminals like to use is to include a good, old-fashioned virus in an attachment. If you aren’t expecting an attachment in an email, don’t click it! In addition, it always helps to run a quick virus scan if you aren’t sure.

For help in running these scans and maintaining your security, or with any other IT questions you may have, you can always turn to the professionals at Washington Works. Reach out to us by calling 301-571-5040.

Which is Best for Your Server Needs, In-House or H...
WPA3 is Boosting Network Security
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, November 18 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Cloud Privacy Business Computing Malware Hackers Business Email Network Security Software Tech Term Internet Productivity Computer Hosted Solutions Mobile Devices Managed IT Services Data Data Backup Backup Microsoft Ransomware IT Support User Tips Productivity Google Data Recovery Managed Service Provider Outsourced IT IT Services Smartphone Efficiency Encryption Cloud Computing Android Business Continuity Innovation Workplace Tips Social Media Hardware Windows 10 Data Management Communication Small Business Business Management Browser Paperless Office Office 365 Bandwidth Government Save Money Remote Monitoring Collaboration Server Disaster Recovery Smartphones Unified Threat Management Phishing Artificial Intelligence Windows 10 Infrastructure Tip of the week BYOD App Cybersecurity Vulnerability Work/Life Balance Managed IT Services Facebook BDR Compliance How To Word File Sharing Document Management Chrome Managed Service SaaS VoIP Wi-Fi Two-factor Authentication Network Healthcare Hosted Solution Windows Passwords Office Mobile Device Apps Password Employer-Employee Relationship Antivirus Applications Customer Relationship Management Holiday Money IT Management Big Data Chromebook Virtual Reality Politics Internet of Things Maintenance Saving Money Risk Management Alert Business Technology Server Management Training Remote Workers Virtual Private Network Health Websites Blockchain Gmail Samsung Meetings Regulations Communications Physical Security Information Twitter Storage Botnet IoT Computing Automobile Robot Tech Support Machine Learning Patch Management Identity Theft HIPAA Hacker Vendor Management Scam Point of Sale Recovery Remote Computing Telephone Systems Mobile Security Data loss G Suite Smart Technology How To Website Firewall Computer Care VPN Taxes Automation Quick Tips Data Security Router Remote Monitoring and Management Service Level Agreement E-Commerce Analytics Comparison Wires Employees Error Language Internet Exlporer Cortana Black Market Settings Wireless Multi-Factor Security Digital Payment Mirgation Vulnerabilities Conferencing IT Support Touchscreen Spam IT Consultant Connectivity Corporate Profile Outlook Mobile Device Management User Error Company Culture Crowdsourcing Google Drive Cameras Managed IT Service Modem WPA3 Emoji Value Utility Computing Features Lenovo Specifications Zero-Day Threat Solid State Drive Statistics Staffing Computing Infrastructure Digital Mail Merge Cybercrime Google Calendar Geography Electronic Medical Records Instant Messaging Cabling Permissions WannaCry Shortcut Administrator Printer Wearable Technology Managing Stress Personal Information Help Desk VoIP Law Enforcement Techology CCTV Break Fix Cookies Fleet Tracking Alerts Electronic Health Records Firefox Superfish Augmented Reality Webcam Black Friday Social Networking Update Hard Disk Drive Bluetooth Professional Services Monitoring Spyware Address Legislation Chatbots High-Speed Internet Legal Finance Education Fraud Star Wars Monitors Access Control Enterprise Content Management Bookmarks Avoiding Downtime IBM Gadget Dark Web Nanotechnology Asset Tracking WiFi Licensing Management Social Cyberattacks Notifications The Internet of Things Cyber Monday Motherboard MSP Human Error USB IT Solutions Consulting Microsoft Office Travel Mouse Identity Development Sports Authentication Disaster Gadgets Heating/Cooling Budget Relocation Cleaning Cost Management SharePoint Supercomputer Unified Communications Computer Repair Favorites Time Management Microsoft Excel Screen Reader Virtualization OneNote GPS Cooperation Enterprise Resource Planning Files Networking Proactive Permission Dongle Upgrades Managed Services Provider Processors Motion Sickness Tablet Search Cables Authorization Uninterrupted Power Supply Users Servers Private Cloud Hotspot Assessment YouTube Downtime Downloads IT Budget IT Technicians Bring Your Own Device Project Management Network Management Customer Service Smart Tech Employee-Employer Relationship Managed IT Office Tips Unified Threat Management Tracking Staff Mobile Read Only Upgrade Web Server Distributed Denial of Service Test Domains Printers RMM Public Speaking Presentation Lithium-ion battery Hiring/Firing Regulation Backup and Disaster Recovery Wireless Technology 5G Fun Safety Marketing CrashOverride Competition IP Address Hard Drives Emergency Miscellaneous Mobile Office