Online Security

Developing an Email Security Plan

Article Rating: 2 / 5 Votes: 59

Category: Online Security , Communicating Securely

Email is not only one of the most popular and effective online tools, it can also be one of the most dangerous. Much of the malicious software found on computers is installed unintentionally by users when opening suspicious email messages. This malicious software includes viruses, worms, and Trojans and is known as "malware". Cybercriminals use email to distribute malware to conduct some of the most common email security breaches.

Fortunately, it's also relatively easy to protect yourself against most of these dangers, provided you put in place a consistent, constant plan to secure email.

A secure email protection plan has two parts: an email security policy (that's dependent on you and your employees) and email security software (featured in good anti-virus programs).

Let's look at each element of secure email protection and what it entails.

Email Security Policy

Most email security problems are the result of our own errors; viruses attached to emails, for example, usually don't take effect unless they are actively clicked on by a user. With that as our starting point, let's look at the basic elements of an email security policy that should be followed by every employee using email:

  • Never read unsolicited email or email from an unknown sender: the act of opening (reading) such email can expose your computer and network to outside threats.
  • Never click on attachments from unknown senders: viruses and other malicious software lurk in attachments that often promise to be a picture or game.
  • Never respond to financial or other offers, no matter how legitimate they appear to be: legitimate companies do not request confidential information such as credit card or Social Security numbers by email; any sweepstakes or other offer that looks too good to be true should be ignored.
  • Never share your email account password: as with any password, email security information must be kept absolutely confidential.
  • Never forward an unsolicited email: you shouldn't be reading it, much less forwarding it.
  • Never use business email accounts for personal mail: by restricting business accounts to business use, you take a large step toward reducing the risk of email security problems.

Email Security Software

Anti-virus software includes email scanning tools that guard against the most common email viruses, worms and Trojans. To secure email effectively, certain email protection practices should be followed:

  • Enable both incoming and outgoing email virus scans: should a virus enter your system from another avenue - an employee using an infected disk, for example, the outgoing mail-scan insures that the virus isn't transmitted
  • Update anti-virus software often: if the software isn't updated, your email is vulnerable to the newest attacks; update weekly if not more often to keep your email secure.
  • Make sure all anti-virus accounts and licenses are up-to-date and renewed: bear in mind that software license renewals are required for each employee computer or notebook

The Bottom Line: Make an email security policy a regularly reviewed element of your company's overall business practices. The only sure defense against threats is a consistent and constant email protection plan.