I am sure you have heard the news, hospitals, governments, and companies big and small have all succumb to ransomware attacks. In 2016 some reports state 70% of businesses paid to get their data back. The good news is this number is falling, the bad news is they are now focusing on precision attacks using targeted emails, and the largest growing segment is health care. According to Cylance’s 2017 threat report, healthcare accounted for 58% of threats, up 34% from 2016, and 2018 is looking to be even higher. Your data is very valuable and they now it, which brings us to our topic today of email security!
First, what is email security? Email is still the most popular medium for businesses to pass information both within, as well as outside the organization with partners, and customers alike. Have you ever wondered who else can see that e-mail? Or how they may use the contents?
Let’s start with common online “free” email addresses, you know the ones. I am sure we all have at least one of these email addresses, and I am sure a lot of us have more then one. They do make it very simple to create a new account, and they do give us “free” storage as well, what more could you want. Well the reason I put the word free in quotes, is that those large companies filter through every single email you send, as well as every file stored on their system. They then have machine learning algorithms, a form of AI, siphon through all your data, including anything ever sent back to you, to look for what marketing opportunities can be used to sell to you, or they sell that data to companies that are willing to pay for this data.
This is where your IT company can come in. Setting up a hosted exchange server using a product like Microsoft Office 365 (O365), can give you the best of both worlds. You still get the usability of an online product but with very little infrastructure required to run it. You also get a personalized email address that matches your online presence and let’s be honest name@company_name.com looks a lot more professional as well. Now this of course is not “free” but most plans are now offered as a monthly subscription which includes all security updates, and product updates much quicker then the off the shelf product. Products like O365 even have email encryption, anti-spam filtering, and allow for multi-factor authentication (MFA). Or you can move up to their Advanced Email Threat Protection. I personally recommend O365 because it also comes with the entire office suite, like Word, and Excel, which most clinics require anyway.
Are you considering O365 email? Or are already using O365 and would like to start using Advanced Email Threat Protection? We can help answer these or any general email security questions you may have. Please let us know, by reaching out to our knowledgeable staff we would be glad to help!
Call our team at 888.930.9933 or email us firstname.lastname@example.org
TOP 4 tips for human driven email security
Never open attachments or click on links in email messages from unknown senders:
Attachments and links can hide hidden code that can often bypass your antivirus products because the user initiated the command.
Be careful to look at the sender’s email:
tricks like email@example.com is not a bank asking you to click on a link to verify that your credit card purchases are valid. Yet this simple trick is used to gain access to systems every day.
Always follow password best practices:
Use strong passwords and change them often.
Never share your password with anyone, not even co-workers, or IT staff
Avoid accessing company email from public wi-fi connects.
It is very easy for someone on the same network to watch the data traffic and steal passwords, content, or personal information that could be used to trick a user into clicking on a link or opening an attachment, also known as a phishing attack.
TOP 4 tips on technology use for email security
Use a secure mail client like Outlook:
When combined with O365 you can create a much more secure environment that still gives uses the flexibility to connect from multiple devices, and remotely.
Turn on email encryption to protect both the content and attachments.
Always use a strong anti-virus product
Preferably one that is managed by the IT company so that updates are scheduled outside of business hours, so that they don’t interfere with the day to day operations, which is usually why they are turned off.
If they are not updated regularly they can do little to stop an attack.
Installing even a simple firewall can greatly reduce the number of attacks
Some firewalls can now even scan e-mails going through for common attacks and filter them out before they reach the recipient.
Use a managed service provider
Having an IT company that uses managed services that utilize a Network Operations Center (NOC) team can catch attacks.