10 Tips to Improving your Email Security

Tony MasonEmail Monitoring, GFI MailEssentialsLeave a Comment

Email is constant with billions of messages sent every month and hundreds received into someone’s inbox every week or even every day.

But any of these messages could be a hidden time bomb containing something far more dangerous than the latest newsletter or response to an earlier query –  malware or a virus.  

Your company’s network, applications and data are the lifeblood of your business and that includes your email. If your email server is compromised a little it can cause serious damage, compromised a lot and your business may go under. Email Security protection is vital and this protection must be deep and rich and all encompassing.

Email Security is vital to prevent phishing

Using a software tool like GFI MailEssentials can help protect against phishing

You must protect your network from these incursions. One way is to go back to basics, and make sure you are taking all the traditional steps to fortify your Email Security. At the same time, there are new attack techniques and you must be on guard for these as well. So you must implement traditional best practices and move ahead to the future to ward off attacks on your company email, as well as your own.

Here are 10 tips to ensuring you do the most to protect your company’s emails:

  1. Demand passwords
  2. Stop data leakage with content filtering
  3. Stop spam before it really stinks
  4. Stop breaches with content filtering
  5. Make malware go away
  6. Block breaches
  7. Consider compliance
  8. Training and best practices
  9. Fight phishing
  10. Implement defence in depth

 Email Security in depth

We’ll go into these in a bit more detail in turn.

  1. Passwords – Your company’s passwords are your first line of defence, make sure they are as strong as they can be using upper and lower case, numbers and special characters. Even better, have them in an encrypted file.
  2. Data Leaks – Avoid data leaks by having a policy which says no corporate information is sent out without management approval and use a keyword tool which can check for common words or phrases like social security, confidential, budget.
  3. Spam – Have users take maximum advantage of spam filters and be careful of how they deal with the messages in the junk mail folder. Never open anything marked as spam unless you are sure of the source.
  4. Content filtering – Email content monitoring can help solve most of these problems, keeping your company out of hot water by blocking inappropriate messages. Email content security tools can stop data leakage, but also helps put an end to unproductive work such as spending all day on online gambling or fantasy football. And it can help insure that compliance regulations are met.
  5. Malware – Just like with spam, you need multiple anti-malware engines for true protection. Content filtering is another way to fight zero day attacks. Good filtering will recognise and block the types of attachments likely to carry a viral payload.
  6. Breeches – use filters and blockers to prevent phishing emails getting onto your network.
  7. Compliance – All these issues are more serious for those companies covered by compliance regulations where you must beyond doubt prove that your email, and the data it contains, is safe. Here, you must protect all aspects of your mail and ensure that your key corporate data, be it credit card numbers, personal information, or financial information.
  8. Training – All the defences in the world can’t protect against an easily fooled employee who may be tricked into giving a hacker full network access. Make sure your staff are fully trained and aware of the dangers which may come to them via an email.
  9. Phishing – Training to spot phishing is one half of the prevention equation. The other half is strong tools that can spot and block phishing messages. Check for bad grammar, spelling and an email address which doesn’t match the alleged sender’s company. Links or threats to close an account if you don’t respond are also usually a sign something is wrong.
  10. Defence – Training users to spot malicious mail and social engineering attacks is critical, but even more so is having proper technical defences. That means protections against all forms of intrusion and data leakage. And that means having:
  • Anti-virus/anti-malware
  • Spam protection
  • Content filtering

It’s better if these are all integrated into a single program and it’s even better if it offers a chance to run these defences either on the Cloud or on the business premises. This is where GFI software can help.

GFI MailEssentials has three versions ranging from full-on unified protection with anti-virus/anti-malware, and spam protection; an anti-spam/anti-phishing edition; and a pure anti-virus/anti-malware tool.

As a partner with GFI, we are offering you a free MailEssentials 30-day trial.  Simple to set up, easy to use and with no obligations.  Just see how it works.  Receive your free trial today.

You can also download the full report from GFI here.

Leave a Reply