301-571-5040    Get SUPPORT

Washington Works Blog

Tip of the Week: Getting Back to Email Security Basics

Tip of the Week: Getting Back to Email Security Basics

Email is a particular favorite attack vector of many who would do wrong by your business, as it is easily one of the most used communications in most businesses today. Do your employees know how large of a responsibility they have to your business’ security just by using email? In order to prevent unfortunate security blunders, you need to make sure you and your employees know a few best practices when it comes to handling email securely.

For this week’s tip, we’ll review these best practices.

Passwords
Yes, it can be annoying to have to enter a password everywhere, and yes, it can be hard to remember a different one for every account. However, your employees need to know why they have to deal with these annoyances, too, and why they can’t just use their pet’s name with the year they graduated and call it a day.

The fact of the matter is, too many people want to do just that: significant personal detail, significant number, password done. Cybercriminals know this, and are more than willing to put in the time and effort to find out about one of your employees if it gets them access to a bigger prize. Using social engineering tactics and studying what they can of online activity, these criminals can gain a significant amount of information about your employees (or even you) with relatively little effort. Without better password practices put in place, they could then likely deduce the password of someone in your organization and from there, they’re in… especially if your email password is reused repeatedly to gain access to other facets of the business.

If remembering x-amount of different passwords is a concern, work with your team and implement a password manager, or a program specifically designed to protect passwords and reduce the number that have to be recalled.

Depending on how your company deals with email, for example, if you are using Outlook, your employees probably aren’t typing in their email passwords very often, if at all. This puts the email password even further from top of mind, but it’s important to remember that these passwords need to be changed regularly and kept secure.

2FA, or Two-Factor Authentication
What’s more secure than a password? Two passwords - or at least, a password and an additional code that is generated when an account is being accessed. This is how 2FA works - in addition to their usual password, an employee needs to provide a generated code (usually obtained via their mobile device) in order to access an account. As a result, a hacker who happened to steal some passwords from some database somewhere still wouldn’t have enough information to access your accounts--and because the second piece of authentication is delivered by some other means, like a number generated by an authentication app on the user’s mobile device, the hacker would have that much harder of a time obtaining that as well.

Clicking What Shouldn’t Be Clicked
There is an unfortunate tendency to automatically trust things that come in via our email, whether its an attachment or a link, as these are commonly used avenues for cyberthreats to come in by. This is probably because these attacks can be effective against any level of an organization - an intern could mistakenly let in a threat, as could the president or CEO and anyone in between.

These threats are often known as phishing scams, as the attacker simply casts out their net and waits for someone to take the bait. These scams often leverage emails that include links to quite convincing facsimiles of the site the link purports to direct to. Unfortunately, this only makes phishing a bigger threat.

Another favorite attack like this that cybercriminals like to use is to include a good, old-fashioned virus in an attachment. If you aren’t expecting an attachment in an email, don’t click it! In addition, it always helps to run a quick virus scan if you aren’t sure.

For help in running these scans and maintaining your security, or with any other IT questions you may have, you can always turn to the professionals at Washington Works. Reach out to us by calling 301-571-5040.

Which is Best for Your Server Needs, In-House or H...
WPA3 is Boosting Network Security
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, April 18 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Business Computing Cloud Productivity Privacy Malware Hackers Network Security Business Email Software Hosted Solutions Internet Tech Term IT Support Data Backup Data Data Recovery Computer Efficiency User Tips Mobile Devices Google Innovation Backup Managed IT Services Ransomware IT Services Microsoft Cloud Computing Hardware Business Management Workplace Tips Outsourced IT Small Business Productivity Encryption Managed Service Provider Managed IT Services Smartphone Collaboration Paperless Office Android Business Continuity Server Phishing Office 365 Upgrade Social Media Communication Remote Monitoring Windows 10 Browser Disaster Recovery Communications Smartphones Data Management Windows 10 Save Money Bandwidth Government VoIP Cybersecurity Employer-Employee Relationship Passwords Holiday Compliance Infrastructure Tip of the week Automation Unified Threat Management Risk Management Healthcare Scam Antivirus Document Management Vulnerability Saving Money IT Management Windows Quick Tips Business Technology Wi-Fi BYOD App Artificial Intelligence Chrome BDR Apps Work/Life Balance Managed Service Facebook Internet of Things Information Customer Relationship Management Blockchain Big Data File Sharing Vendor Management How To SaaS VPN Network Mobile Device Hosted Solution Maintenance Office Two-factor Authentication Analytics Word Password Applications Money Chromebook Politics Virtual Reality Microsoft Office Patch Management Training Alert Professional Services Websites Website Gmail Regulations Health Data loss Storage Meetings IoT Management Samsung Networking Botnet Twitter How To Electronic Medical Records Wireless Physical Security Proactive Mobile Device Management Automobile Computing Data Security Machine Learning Access Control HIPAA Robot Server Management Bring Your Own Device Identity Theft Settings Virtual Private Network Remote Monitoring and Management Point of Sale Mobile Security Employees Telephone Systems Social Recovery Tech Support Remote Computing Smart Technology Remote Workers G Suite Tablet Company Culture Firewall Hacker Private Cloud Computer Care Downtime Router Taxes Spyware Virtual Assistant Address Comparison Fleet Tracking Operating System Web Server Language Internet Exlporer Managing Stress Help Desk Office Tips Tracking Monitors Printing Multi-Factor Security Mirgation Backup and Disaster Recovery Avoiding Downtime Connectivity Electronic Health Records Error High-Speed Internet Finance Digital Payment Users Windows 7 Managed IT Service Modem Monitoring IT Consultant User Error Software as a Service Specifications Asset Tracking Tech Terms Cameras Disaster Heating/Cooling Computing Infrastructure Value Enterprise Content Management Bookmarks Cortana Customer Service Black Market Remote Worker Google Calendar MSP Human Error Crowdsourcing Time Management Permissions Cyberattacks Staffing Emoji Development Authentication Cybercrime Break Fix Cookies USB Consulting Printer Wearable Technology Spam Wasting Time Black Friday Social Networking OneNote Theft Law Enforcement CCTV Uninterrupted Power Supply Servers Alerts Unified Communications Favorites Administrator YouTube ROI Legislation Chatbots Permission Webcam Personal Information Network Management Fraud Star Wars Enterprise Resource Planning Files Cables Authorization Dark Web Nanotechnology Dongle Managed Services Provider Education Update Financial Managed IT Database Cyber Monday Motherboard Employee-Employer Relationship Gadget Legal Licensing Project Management Notes Mouse Identity Test IT Support Touchscreen Cost Management Mobile Read Only WiFi Wires Travel Notifications Google Drive Microsoft Excel Screen Reader Service Level Agreement E-Commerce Relocation Cleaning Augmented Reality Corporate Profile Procurement Outlook SharePoint Supercomputer IT Solutions Voice over Internet Protocol Lenovo Sports Solid State Drive Statistics Cooperation Vulnerabilities Conferencing Digital PowerPoint Mail Merge WPA3 RMM Computer Repair Cabling Hotspot Assessment GPS Virtualization IBM Security Cameras Shortcut Downloads IT Technicians Zero-Day Threat Motion Sickness VoIP Techology Smart Tech Utility Computing Features The Internet of Things WannaCry IT Budget Gadgets Upgrades Budget Processors Firefox Net Neutrality Superfish Distributed Denial of Service Search Hard Disk Drive Bluetooth Unified Threat Management Staff Geography Instant Messaging Competition Regulation IP Address CrashOverride Miscellaneous Mobile Office Transportation Domains Emergency Hiring/Firing Public Speaking Fun Presentation Lithium-ion battery Wireless Technology 5G Safety Printers Marketing Hard Drives