As we all know, unprecedented numbers of employees are working from home during this pandemic year. In fact, one recent survey by Bay Leaf Digital found that 65 percent of newly WFH employees are now using company devices from home – and 42 percent are experiencing unstable access including issues with connecting to remote desktops, poor VPN, etc.
The problem is that not everyone recognizes the security risks these numbers represent, both for employees and the companies they work for.
Companies across North America have reported a 93% increase in cyberattacks in the past 12 months as hackers attempt to exploit widespread fear and uncertainty. According to related survey data, as many as 88% of respondents believe this increase is the result of cybercriminals specifically targeting employees working from home, as employees often use less stringent security measures on their household computer networks.
At the same time, TransUnion reports that phishing is the top digital fraud scheme worldwide related to the pandemic, with 27% of targeted consumers globally experiencing it. The goal of these scams often seems to be to collect data to perpetrate identity fraud.
Which isn’t to minimize the damage these hacks can cause to businesses. According to IBM, the global average cost of a data breach is $3.9 million across small and midsize businesses. Ironically, most of these catastrophic events begin in the business world’s most innocuous, everyday process: reading email. Let’s look at some habits and best practices that can be applied not just at the network security level but at the user level.
Quick Tips For Secure Users
The basic idea your employees must embrace is the absolute need for vigilance. Cybercriminals are always looking for new ways to bypass security measures, so ongoing user training must be a top priority for anyone who uses email. At the very least, your training should remind your users of the following points:
Things a legitimate company knows better than do in an email:
- Ask for any sort of personal information – the recipient’s or anyone else’s.
- Ask for access to any sensitive business information or process like banking information or shipment details.
- Ask the recipient to enable macros in any file.
- Send the email out with poor grammar or spelling errors, or with too-general or incomplete greetings and signatures. Not only would it reflect badly on their business, but they know scammers are often not too careful with these little details.
Actions you should always think twice about and check three times before performing in an email:
- Downloading any files.
- Clicking any links – even in expected messages like shipping or payment confirmations.
Remember: When in doubt, all employees should pick up a phone and call the email sender for confirmation. Further, if anything about an email looks even slightly off-kilter, don’t hesitate to use the “report” function and send the email in for further scrutiny. Check out our blog for more details on how to spot phishing emails.
Increasing Email Security
Now let’s look at some of the security measures you can enact within your email systems.
Ensure Data Privacy
- Because spammers will often try to hijack an email account by guessing its password, passwords that are easy to guess should always be avoided. Make sure your email server or account database (Active Directory, LDAP, etc.) requires strong passwords. For businesses using Security Gateway for Email, get more information on these and other user verification sources here. More information on verifying Microsoft 365 users can be found here. For businesses using MDaemon, administrators can configure strong password policies, as well as create lists of unauthorized passwords, as explained here.
- To protect the privacy of transmitted data, we recommend enabling the SSL encryption features for SMTP and HTTP. Click here for SSL setup instructions for MDaemon, and click here for Security Gateway instructions.
- We do not recommend allowing the whitelisting of local email addresses. Messages sent to any whitelisted address could bypass many of your security settings and put your server at risk of being blacklisted.
Prevent Unauthorized Access
- Require SMTP authentication. MDaemon administrators will find instructions in this knowledge base article. For Security Gateway, authentication should always be required, but exceptions can be made for messages that are transmitted from a domain mail server.
- Honor the SMTP sessions that come from someone at one of your listed domains only if they are coming from an IP address associated with that domain.
- Block inbound SMTP and HTTP connections from unauthorized countries. If your company has no legitimate business need to communicate with a particular country, then refusing connections from that country can potentially block large amounts of spam.
- Add a default mail server for domains that have not had domain mail servers specifically associated with them.
- With every incoming message addressed to an unknown local user in Security Gateway, verify that the account is a valid local user by querying a trusted data source before creating the account and delivering the message.
Block Suspicious Activity
- Dynamically block connections that fail too many authentication attempts, connect too many times in a given time frame, attempt to keep a connection open too long, or are sending to too many invalid recipients. Click here for Security Gateway instructions. For MDaemon, administrations can enable Dynamic Screening to block unauthorized login attempts and SMTP Screening to block connections that exhibit suspicious activity.
- Enable account hijack detection for MDaemon or Security Gateway and specify the number of messages that can be sent in a given time frame.
- Do not allow email relaying, which occurs when mail that is neither to nor from a local account is sent through your server. Servers that are not properly configured to prevent relaying can end up on a blacklist.
- Cybercriminals often use macros in email attachments to spread malware. Activate any option to detect macros in Microsoft Office documents and flag them as infected; these messages can be refused or “quarantined” for further review.
Consider an All-In-One Solution
Keeping up with this level of detail can be difficult for small and midsize businesses – especially when the threats evolve nearly every day. That’s why so many businesses turn to a third-party email security provider like MDaemon Technologies. Our cost-effective, easy-to-use Security Gateway for Email solution arrives preloaded to deal with all of the above concerns straight out of the box. In addition:
- Security Gateway scans all inbound and outbound mail using the Cyren and ClamAV antivirus engines. It also includes Cyren Outbreak Protection, which is real-time anti-spam and antivirus technology that is capable of proactively protecting your email infrastructure automatically and within minutes of an outbreak.
- Security Gateway includes more than 70 data leak prevention (DLP)rules that help prevent unauthorized transmission of sensitive information such as personal identification numbers, credit card numbers, and other types of confidential data. These rules can be configured to send messages containing sensitive content to administrative quarantine for further review, redirect the message to a designated address, or encrypt the message. We recommend enabling the appropriate DLP rules to suit the needs of your specific business or industry.
It’s not always easy to work from home, and it’s certainly not easy to make sure you’ve covered every angle to help secure your work data through remote devices. If you’d like more information on how MDaemon Technologies can help secure your work processes, call us at 817-601-3222 Option 3 to speak to an email security specialist, or visit SecurityGatewayForEmail.com to sign up for hosted or on-premise email protection.