Email security is a big deal, with data breaches and hacks appearing in the news daily, but many business owners don’t know how to secure their email. In this blog post, we’ll go over what you need to do to keep your teams safe from cybercriminals and data breaches. We’ll cover best practices for encrypting emails, protecting sensitive information in emails, creating strong passwords, and enabling two-factor authentication. Are your teams secure? Read on!
Email Encryption
Most modern email services encrypt emails during transit using a technology called TLS (Transport Layer Security). This technology scrambles your emails whilst they are being sent and received but does not protect them “at rest” whilst they are sat on your devices or the devices of those that you’ve sent them to. There are lots of tools available for encrypting email, some more technical than others. For example, PGP encryption has been a pretty robust tool for encrypting email (and files), but it can be somewhat complicated to set up (PGP was famously used by Edward Snowden whilst communicating with reporters from The Intercept under the moniker of “Citizenfour”).
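To check whether a given message really was protected by TLS on every leg of its journey, you can read the `Received` headers that each mail server adds. The script below is an added example, not part of the original post; the sample message, host names and function names are constructed for illustration.

```python
import email
import re

# Constructed sample message (not from the post); hosts use reserved example names.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [203.0.113.10])
\tby store.recipient.example with ESMTPS id abc123
\t(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384); Mon, 01 Jan 2024 10:00:02 +0000
Received: from relay.sender.example (relay.sender.example [198.51.100.7])
\tby mx.recipient.example with ESMTP id def456; Mon, 01 Jan 2024 10:00:01 +0000
Received: from laptop.sender.example (laptop.sender.example [192.0.2.5])
\tby relay.sender.example with ESMTPSA id ghi789
\t(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256); Mon, 01 Jan 2024 10:00:00 +0000
From: alice@sender.example
To: bob@recipient.example
Subject: constructed test message

hello
"""

# "with" protocol keywords that indicate STARTTLS was used (RFC 3848).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}
BY_RE = re.compile(r"\bby\s+(\S+)(?:\s+\([^)]*\))?\s+with\s+(\w+)", re.I)
TLS_RE = re.compile(r"(?:version=|using\s+)(TLS[\w.]+)", re.I)

def audit_hops(raw_message):
    """Return one record per Received header, oldest hop first."""
    msg = email.message_from_string(raw_message)
    hops = []
    # Each server prepends its header, so reverse to get chronological order.
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())  # undo header folding
        by = BY_RE.search(flat)
        if not by:
            continue  # unrecognised format: skip rather than guess
        version = TLS_RE.search(flat)
        proto = by.group(2).upper()
        hops.append({"by": by.group(1), "protocol": proto,
                     "tls": proto in TLS_PROTOCOLS or version is not None,
                     "tls_version": version.group(1) if version else None})
    return hops

def cleartext_hops(raw_message):
    """Hosts that accepted the message without TLS, per their own header."""
    return [h["by"] for h in audit_hops(raw_message) if not h["tls"]]

if __name__ == "__main__":
    for hop in audit_hops(SAMPLE):
        print(hop)
    print("cleartext hops:", cleartext_hops(SAMPLE))
```

Each header is written by the server that received the message, so headers added before the message reached your own provider can be forged. They also describe transit only and say nothing about how the message is stored at rest.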
As workplace tools have become more consumerised and web-based platforms like Google Workspace and Microsoft’s Office 365 have grown in popularity, we’ve seen new user-friendly encryption tools become available to the mass market, like Virtru, a tool that enables you to send encrypted emails to your colleagues (or external partners/customers) without having to install any complicated tools or manage your own encryption keys.
Another popular encrypted email service is the Swiss-based Proton Mail. Developed by a team of scientists from CERN, Proton Mail enables users to send and receive encrypted emails between users on and off the platform. The service now offers a business plan with the option to add your own domain name.
Protecting Sensitive Information
So how about protecting sensitive information? What if you need to share things like ID documents or sensitive user credentials over email but don’t want those messages sitting around in people’s mailboxes forever? Google Workspace has a new feature called Confidential Mode.
With Gmail confidential mode, your users can help protect sensitive information from unauthorised or accidental sharing. Confidential mode messages don’t have options to forward, copy, print, or download messages or attachments.
Confidential mode lets you:
- Set a message expiration date
- Revoke message access at any time
- Require a verification code by text to open messages
Microsoft’s Office 365 platform has a similar (if somewhat complicated to set up and manage) system that lets you assign access rights to emails.
Creating Strong Passwords
We’ve all been working with passwords for years now, and managing passwords amongst a busy team can be a security nightmare (and a massive headache) without the right tools in place. Using a password manager with team sharing functionality is a must. There are lots on the market today, but 1Password consistently comes out on top in reviews and user feedback.
1Password allows you to create secure encrypted password “vaults” where you can store all of your access credentials safely. The software will automatically generate long complicated passwords that are completely unique for every service that you use.
For business users, you can set up teams and group employees by access required for their role and then safely share credentials amongst them. The tool comes with extensive logging, fine-grained privilege control, and advanced features like alerts when a site that you use has been compromised or warnings if you’ve used the same password twice.
Enable 2 Factor Authentication
Strong passwords and encryption are great for keeping things locked down and safe but with a rise in sophisticated phishing campaigns designed to steal your passwords or trick you into logging into expertly crafted fake login portals – we need to do more.
We have one more tool in our email security arsenal and that’s “Two Factor Authentication”, sometimes called “2FA”. It pretty much does what it says on the tin and requires you to provide a secondary form of authentication at login in combination with your username and password, usually in the form of an SMS message or a time-sensitive code (like your online banking uses). Both Microsoft and Google offer 2FA options for securing your account, with Google going one step further by offering a dedicated hardware key called a Titan Security Key.
Two-factor authentication is a great way to add another layer of protection for your account. It can help protect you from hackers and keep your data safe.
We want to help you get a handle on cyber security so that it doesn’t cause you or your business stress. All of the steps outlined in this blog post are important, but what may be most crucial is taking action today. If you have any questions about these tips or just need some guidance with implementing them into your own company, don’t hesitate to reach out for a free consultation. Let’s make sense of cybersecurity together!