Despite the vast array of modern digital communication methods and tools, most companies are still very reliant on email as a means of internal communication, and beyond. There are over 3.7 billion email users, with that set to rise to 4.3 billion by 2022. Over 281 billion emails, both professional and personal are sent per day.
Email is huge, and the nature of its widespread use means it remains a massive cyber security threat, with an estimated 92 per cent of malware delivered by email, and experts identifying phishing as the number one threat. IT support services are spending more time needing to find ways to prevent cyber attacks and be extra vigilant.
38,000 German students were recently forced to queue to receive new email passwords recently, as their university was the target of a cyber attack, taking the entire university offline. Email cyber attacks are expensive, with cybercrime expected to cost the world over $6 trillion by 2021.
There are a few best practices to adopt that will help minimise attacks and keep your business safe.
Human behaviour is cited as the biggest challenge in email security, which makes it imperative that education and training is prioritised. Implement an email security protocol and train employees about the dangers of malware, spoofed domains, and phishing.
Over 52 per cent of people reuse their passwords, using the same ones on multiple websites and email logins, and additionally use simple passwords that are easy to guess. On top if this only a quarter of people have adopted using a 2-step authentication process when accessing their emails, leaving it wide open for hackers to get in and cause mayhem.
It becomes clear that investment in training could save companies millions a year in avoiding cyber attacks. Drawing up an email security protocol as the basis of cyber security training could include some of the following.
- Checking the ‘from’ field before opening an email.
- Hover over emailed hyperlinks before clicking.
- Use a strong password which is changed regularly.
- Logging out of email at the end of the day or session.
- Block emails that have suspiciously large attachments.
- Being aware of password reset emails that have not been requested.
- Use a VPN when working remotely or using public wifi.
Depending on the nature of your company, and considering factors such as remotely working employees or a large number of staff who work in the field, you may need to have a focus on certain areas over others.
Phishing is making a comeback, and while people are getting much better at recognising them for what they are, it is advised to carry out phishing simulations, and improve your employees’ knowledge on what to watch out for, such as spelling mistakes, or urgent and threatening subject lines.
A majority of email security is good common sense, but fails with employees taking lazy shortcuts that then expose email vulnerabilities.
Security threats continue to adapt, evolve and change, but the fight is far from lost, and a little best practice can ensure your company reduces the chances of a cyber attack. IT specialists in Doncaster can always assist, so contact us today.