Email is the main communication tool for businesses. Therefore, feeling like there are holes in the security surrounding your business email infrastructure can be a major cause for concern.
In addition to this, having to constantly deal with daily spam can be frustrating and time consuming.
With hacking and fraud on the continuous rise, there is no better time to secure your email system. Once an email account has been hacked, the hacker may have access to sensitive or confidential business information. This means they can also send and receive emails as the rightful owner of the account and view any incoming or outgoing mail.
Having your emails with Office 365 means you can use the same security system used by Microsoft themselves, as well as other worldwide companies. This system scans your messages and documents 24/7 for spam and malware (malicious software).
6 Steps to Email Security
If you want peace of mind knowing that your business email system is safe and sound, here are a few things you can do.
#1 Use Complex Passwords
Usually the first weak point in an email system is the passwords that are being set and used. Be sure to use a long password that makes use of letters, numbers and symbols. Steer clear of using things such as your surname, first name or date of birth in your password.
If you’re having trouble thinking of a strong password, there are a range of random password generators on the internet that can help you come up with something suitable.
#2 Sharing is Not Caring
Firstly, and obviously, don’t share your password with other people!
Secondly, avoid using the same password for your social media and other online systems. All it takes is for one of those platforms to be hacked, for the hacker to then have access to everything.
#3 Change it Up
We agree that changing your password often is a hassle. However, it is important to change your password every 1 to 3 months for ultimate email security. The random password generators mentioned previously in this article can assist you with this.
#4 Enable MFA
Enabling multi-factor authentication is taking that extra step towards login security. As the name suggests, MFA requires more than one method of authentication to gain access or login.
Once MFA is active, when a user attempts to sign in to an email account, they will be prompted for a username and password. They will also be promoted for a secondary authentication factor, for example, a code sent to a mobile phone or a security question that requires a correct answer.
The enabling of multi-factor authentication can be done in your account settings, depending on the system you are using. If you are a current user of Microsoft Office 365, here is a step-by-step guide on how to do it.
#5 Set Up A Sender Policy Framework
Setting up a Sender Policy Framework (SPF record) is important in disallowing spammers from sending emails with a forged “from” address on a business’s domain, i.e. sending emails that appear to come from you/your business.
An SPF record recognises which mail servers are permitted to send emails on behalf of your domain. The setting up of an SPF is done within your domain account settings.
#6 DKIM and DMARK
Like SPF, it is important to have DKIM and DMARK records added to your domain to ensure your email security.
Where SPF controls who can send emails from your account, DKIM (Domain Keys Identified Mail) is a method to confirm that the emails’ content weren’t changed in transit from the initial mail server. DMARC (Domain-based Message Authentication, Reporting and Conformance) allows the receiver to know if your messages are protected by SPF and DKIM.
Another feature of having a DMARC record is the integration of an email address to receive compliance reports for non-delivery of emails due to policy violations and other statistics collected by receivers against your domain.
Here’s how to set up DMARC in Microsoft Office 365.
Ultimately, there’s no way you can totally secure your email infrastructure. But equipped with the information in this article, you should be able to significantly reduce your business’s risk of becoming a victim to hacking or fraud.
If you are already with an outsourced IT service provider or have an IT team in house, speak to them to find out what is being done, in terms of email security.
Cloudswitched is a Microsoft Gold Partner as a Cloud Solutions provider. If you think your account has been hacked, or if you are looking for an IT company to ensure the security and smooth running of your business email infrastructure, get in contact with us!
In this article, we will be sharing with you 6 tips to securing your email.