As innovation drives the internet into every area of our lives, cybercriminals continue to find new ways to take advantage of its vulnerabilities.
A perfect example is last year’s catastrophic breach at Sony Entertainment, an event that underscores how no company is safe from attack.
For highly regulated industries like financial and legal services, the consequences of a breach can be disastrous. Email security solutions like email encryption are now a crucial asset for industry professionals, representing an important line of defence as well as facilitating compliance.
>See also: The great IT myth: is cloud really less secure than on-premise?
Here are some top tips that companies can put in place to keep their email communications secure.
1. Don’t forget about internal threats
Despite companies installing anti-spam, anti-malware, encryption and monitoring tools, there is still a chance that attacks can get through. That's because cybercriminals exploit a company’s weakest asset: it’s people.
Employees are the biggest threat to any organisation’s cyber security policy. According to Gartner, 84% of high cost security incidents result from employees sending confidential data outside of the company.
Despite this, only half of companies are implementing employee-training schemes. Employee training is the most effective way of combatting employee negligence resulting in data loss.
2. Back to basics
Email security can be complicated, but it doesn’t need to be. Good email encryption solutions should make the process simple for both senders and recipients, while still keeping non-public personal information secure.
Policy-based email solutions remove the responsibility for security from individual employees by detecting specified keywords, attachments or number patterns like credit cards or National Insurance numbers.
3. Plan ahead
Most email security solutions have very basic requirements that companies need to have in place before implementation. Sometimes an element or two might be missing, such as an updated version of an operating system or applications or having TLS implemented on an email server. Having up-to-date systems guarantees a simple and smooth implementation of email encryption.
4. Don’t forget about mobile
Nearly everyone today carries a smartphone, whether their own personal device, a corporate issued device, or a personal device that employees are using for work purposes. However, mobile devices can easily be lost or compromised by hackers or malicious software.
Malware that attacks mobile devices is becoming more sophisticated than ever before. BYOD policies need to account for these risks and should include safeguarding and tips for device management.
5. Stay ahead of the curve
With security breaches constantly hitting the headlines, companies need to stay ahead of the curve when it comes to new security threats and management techniques. It’s not just IT that needs to be aware of the changing security landscape – every employee has a duty of care to ensure that all communications with clients and suppliers are secure.
Reading up on the ever-evolving industry is an important first step to ensure end-to-end data security and compliance.
>See also: Hillary Clinton email scandal shines light on spectre of shadow IT
Whether or not a business is legally required to keep data in transit safe, sending email in the clear is simply no longer acceptable. Customers expect their data to be handled securely and employees need an encryption solution that is easy to use across all of their devices.
Sourced form Jacob Ginsberg, Echoworx