301-571-5040    Get SUPPORT

Washington Works Blog

Tip of the Week: Getting Back to Email Security Basics

Tip of the Week: Getting Back to Email Security Basics

Email is a particular favorite attack vector of many who would do wrong by your business, as it is easily one of the most used communications in most businesses today. Do your employees know how large of a responsibility they have to your business’ security just by using email? In order to prevent unfortunate security blunders, you need to make sure you and your employees know a few best practices when it comes to handling email securely.

For this week’s tip, we’ll review these best practices.

Passwords
Yes, it can be annoying to have to enter a password everywhere, and yes, it can be hard to remember a different one for every account. However, your employees need to know why they have to deal with these annoyances, too, and why they can’t just use their pet’s name with the year they graduated and call it a day.

The fact of the matter is, too many people want to do just that: significant personal detail, significant number, password done. Cybercriminals know this, and are more than willing to put in the time and effort to find out about one of your employees if it gets them access to a bigger prize. Using social engineering tactics and studying what they can of online activity, these criminals can gain a significant amount of information about your employees (or even you) with relatively little effort. Without better password practices put in place, they could then likely deduce the password of someone in your organization and from there, they’re in… especially if your email password is reused repeatedly to gain access to other facets of the business.

If remembering x-amount of different passwords is a concern, work with your team and implement a password manager, or a program specifically designed to protect passwords and reduce the number that have to be recalled.

Depending on how your company deals with email, for example, if you are using Outlook, your employees probably aren’t typing in their email passwords very often, if at all. This puts the email password even further from top of mind, but it’s important to remember that these passwords need to be changed regularly and kept secure.

2FA, or Two-Factor Authentication
What’s more secure than a password? Two passwords - or at least, a password and an additional code that is generated when an account is being accessed. This is how 2FA works - in addition to their usual password, an employee needs to provide a generated code (usually obtained via their mobile device) in order to access an account. As a result, a hacker who happened to steal some passwords from some database somewhere still wouldn’t have enough information to access your accounts--and because the second piece of authentication is delivered by some other means, like a number generated by an authentication app on the user’s mobile device, the hacker would have that much harder of a time obtaining that as well.

Clicking What Shouldn’t Be Clicked
There is an unfortunate tendency to automatically trust things that come in via our email, whether its an attachment or a link, as these are commonly used avenues for cyberthreats to come in by. This is probably because these attacks can be effective against any level of an organization - an intern could mistakenly let in a threat, as could the president or CEO and anyone in between.

These threats are often known as phishing scams, as the attacker simply casts out their net and waits for someone to take the bait. These scams often leverage emails that include links to quite convincing facsimiles of the site the link purports to direct to. Unfortunately, this only makes phishing a bigger threat.

Another favorite attack like this that cybercriminals like to use is to include a good, old-fashioned virus in an attachment. If you aren’t expecting an attachment in an email, don’t click it! In addition, it always helps to run a quick virus scan if you aren’t sure.

For help in running these scans and maintaining your security, or with any other IT questions you may have, you can always turn to the professionals at Washington Works. Reach out to us by calling 301-571-5040.

Which is Best for Your Server Needs, In-House or H...
WPA3 is Boosting Network Security
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, January 21 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Business Computing Cloud Malware Privacy Hackers Productivity Business Network Security Email Software Tech Term Hosted Solutions Internet Mobile Devices Computer Data Data Backup Backup Ransomware Managed IT Services User Tips Microsoft Google IT Support Data Recovery Cloud Computing Outsourced IT Hardware Productivity Efficiency Innovation Managed Service Provider IT Services Smartphone Small Business Encryption Social Media Business Management Business Continuity Android Paperless Office Workplace Tips Smartphones Data Management Windows 10 Remote Monitoring Save Money Windows 10 Communication Collaboration Browser Office 365 Managed IT Services Government Employer-Employee Relationship Holiday Server Disaster Recovery Bandwidth Communications Artificial Intelligence BYOD VoIP Wi-Fi App Healthcare Cybersecurity Work/Life Balance Passwords Facebook Infrastructure Tip of the week BDR Scam Antivirus Internet of Things Vulnerability IT Management Unified Threat Management Phishing SaaS File Sharing Saving Money Document Management Upgrade Quick Tips Maintenance Hosted Solution Word Office Network Windows Managed Service Password Chrome Mobile Device Two-factor Authentication Information Money Chromebook Applications Virtual Reality Apps Risk Management How To Politics Customer Relationship Management Big Data Compliance Blockchain How To Gmail Bring Your Own Device Samsung Websites VPN Physical Security Twitter Regulations Remote Monitoring and Management Electronic Medical Records IoT Computing Data Security Meetings Storage Employees Business Technology Wireless Server Management Botnet Remote Workers Virtual Private Network Mobile Device Management Company Culture Robot Automobile Recovery Access Control HIPAA Social Machine Learning Identity Theft Remote Computing Mobile Security Point of Sale Telephone Systems Tech Support G Suite Smart Technology Patch Management Hacker Automation Vendor Management Microsoft Office Firewall Private Cloud Computer Care Downtime Alert Taxes Router Data loss Health Website Training Digital Payment User Error Project Management Uninterrupted Power Supply Remote Worker Servers Customer Service IT Consultant Managed IT Service Modem Employee-Employer Relationship YouTube Computing Infrastructure Value Mobile Read Only Network Management Cameras Specifications Test Permissions Service Level Agreement E-Commerce Google Calendar Wires Personal Information Managed IT Staffing Update Analytics Cybercrime Printer Wearable Technology Vulnerabilities Conferencing ROI Spam Break Fix Cookies Settings Administrator Alerts IT Support Financial Touchscreen Law Enforcement CCTV Black Friday Social Networking WPA3 RMM Legal Fraud Star Wars Utility Computing Features Google Drive Webcam Legislation Chatbots Zero-Day Threat Corporate Profile Outlook Lenovo Geography Instant Messaging Notifications Solid State Drive Statistics Education Dark Web Nanotechnology Sports Digital Mail Merge Licensing Managing Stress Help Desk IT Solutions Cabling Procurement Gadget Cyber Monday Motherboard Fleet Tracking Operating System WiFi Cost Management Electronic Health Records Virtualization VoIP Techology Augmented Reality Mouse Identity Backup and Disaster Recovery Computer Repair WannaCry Shortcut Firefox Superfish Travel SharePoint High-Speed Internet Finance Hard Disk Drive Bluetooth Relocation Cleaning Microsoft Excel Screen Reader Professional Services Monitoring Search Spyware Address Supercomputer Cooperation Enterprise Content Management Bookmarks Upgrades Processors Security Cameras IBM Asset Tracking Tech Terms GPS Hotspot Assessment Management Cyberattacks Avoiding Downtime The Internet of Things Tablet MSP Human Error Monitors Consulting Motion Sickness Downloads IT Technicians Development Authentication Gadgets Budget Smart Tech USB IT Budget Unified Threat Management Staff Unified Communications Favorites Disaster Printing Heating/Cooling Distributed Denial of Service OneNote Theft Office Tips Tracking Language Internet Exlporer Enterprise Resource Planning Files Cortana Black Market Time Management Web Server Comparison Proactive Permission Dongle Managed Services Provider Emoji Networking Multi-Factor Security Mirgation Cables Authorization Crowdsourcing Users Error Connectivity Emergency Miscellaneous Mobile Office Hiring/Firing Domains Printers Fun Public Speaking Presentation Notes Lithium-ion battery Regulation Hard Drives Wireless Technology 5G Safety Marketing CrashOverride Competition IP Address