It has never been more important to stay security conscious when you are online and as one of our main points of communication, e-mail is an area where you might be particularly vulnerable. With e-mail scandals and security leaks regularly in the news at the government and corporation level, you might feel like now is a particularly good time to beef up the protection of your personal or business address. I’ve put together this handy guide to help you improve your e-mail security and protect yourself online.
Sending e-mail as HTML might be the most common method, and I’m not going to say that you can’t get some fancy features like image signatures, but HTML also leaves you exposed to potential threats like malware. It can be easy for unscrupulous individuals to hide malware in HTML, but if you change your e-mail to be displayed in plaintext you won’t be fooled as easily. Most e-mail clients have a plaintext option, and while it is certainly not as pretty as HTML, it is much safer.
Beware of Phishing
You should never open or reply to spam or phishing e-mails, even if you’re just wanting to vent your frustrations. Replying can leave you open to subsequent abuse and will essentially paint you as a target. Since spam can contain malware, it is even more important that you just don’t touch it. If your employees or other people using e-mail on your network, it is recommended that you regularly circulate advice and guidelines on how to deal with spam and phishing.
Protect Your Passwords
Password protection is an important part of almost all services and software, but it’s doubly so when it comes to e-mail. Since lots of e-mail clients treat your e-mail address as the username, anyone who has your e-mail address already has half of what they need to gain access. On top of this, many companies set up their e-mail addresses to contain the users first and second names, giving away more details that could be used to gain access.
For example, an employ named Jane Doe might have an e-mail address as “firstname.lastname@example.org”. With a simple search of “Jane Doe, Company” Jane’s Facebook account could possibly be found, alongside any personal information that has been shared there, such as her birthday, relationship status, city of residence and maybe her favourite film or book. If Jane is using “Favouritefilm1!” as her password, then with just a few small steps and attempted variations, her e-mail account can be accessed quite easily.
Now you might think that the solution would be to adopt an e-mail address with less identifiable information on it, and that is certainly a reasonable approach. However, e-mails with names attached to them are more trustworthy and professional in a business context, so this may not be the best solution. Instead, you should look to implementing complex passwords that are not reliant on easily accessible information. While these may be more difficult to remember, they will help to protect you and others from abuse.
Use Multiple E-Mail Addresses
If your work involves outreach or contacting people that you have no guarantee are trustworthy, then I recommend using a couple of different alias e-mail addresses. These e-mail addresses should follow the same principles of security as your main address, however, if someone gains access to it the damage is compartmentalised. Just make sure not to tie the e-mail addresses together, or use personal information for your aliases, like your mother’s maiden name or anything similar.
Don’t Include Sensitive Info
The other side of protecting your e-mail is making sure that you are prepared for when a data breach happens. There is no such thing as “no damage” when it comes to compromised e-mail accounts or leaked e-mails, but you can help to minimise the severity of this damage by not including sensitive information in e-mails. This can include e-mailing bank account numbers and the like. You should also look into encrypting your e-mails, so that in the case of a leak they are not readable.