hands typing on a laptop with email and user icons hovering above

How To Secure Your Business Email

Email is at the heart of most businesses. Protecting your email from threats also protects your sensitive data, your customers and your reputation. 

Email is one of the oldest technologies built on top of the web, unfortunately that means it’s also one of the least secure. Failing to properly secure your email can leave it vulnerable to hackers. We’re going to go over some of the risks of unsecured email, and some steps you can start to take today to better protect yourself. 

What Are The Risks Of Unsecured Email?

If a hacker gains access to your email account, they get access to far more than just your messages. 

  • Sensitive Data
    Your email account will most likely have sensitive data about your business, your employees, and your customers. This includes personally identifying information, business secrets that would be valuable to your competitors, to customer payment details and bank account numbers. Once this data is compromised, an attacker could publish all of it online for the whole world to see or try to blackmail you and demand a ransom be paid to stop them leaking it. This isn’t always a one-time event either, they may activate a forwarder on your account to automatically forward all future communications to their account without you realising.
  • Fraud
    If an attacker gains access to your account, they can send emails out from that account. They can abuse your reputation and the trust that your suppliers and customers have in you in order to trick others. For example, they could send fake invoices out to clients with the bank account changed to be their own, thereby tricking a customer into paying the hacker instead.
  • Phishing Scams
    A hacker’s goal could be to gain access to one of your company’s email accounts and use it to send out phishing scam messages. Every person in your email’s contact list would be at risk. If your company is a known and trusted brand, then even members of the public could be targeted using your hacked email account.
  • Resetting Other Passwords
    If your email is connected to other services or is the recovery email for another account, a hacker can send password resets requests, gain access, and then lock you out of those other accounts – leaving even more data vulnerable.

How Can You Secure Your Email?

– Have A Strong Password
We know it’s almost a cliché by now, but you really, REALLY need to have a strong password for your email. Ideally every password you use for any online service would be a secure, randomised password (a password manager can help you achieve this) – but your email password is even more important than any other password as your email can act as a key to almost all your other accounts.

– Implement Two Factor Authentication
Two Factor Authentication (2FA) adds an extra layer of security by requiring a code be entered every time you log in. This code can either be generated by an app or sent you via text. With 2FA enabled, even if an attacker had your email address and password, they would not be able to gain access to your account. You should implement a 2FA policy across your organisation on any business-critical systems or accounts. You can learn more about Two Factor Authentication here.

– Keep Personal and Business Email Separate
Ensure that you and your employees are keeping a solid distinction between personal and professional uses for email. You shouldn’t be signing up for random newsletters or making accounts on gambling sites using your work email, and similarly you shouldn’t be replying to customers or suppliers from your personal email account.

– Use a Specialised Email Filter
While every email service has its own spam filter, these often aren’t up to the task of protecting a business email. By using advanced email filtering, you can have more granular control over which messages are blocked. Enterprise email filtering tools also allow you to open and inspect suspicious emails in a safe online environment away from your network. This means you can check these emails safely and without the risk of opening them on your own device.  

– Implement DKIM & DMARC On Your Domain
DKIM stands for Domain Keys Identified Mail. This email security technique uses public-key cryptography to aid in the prevention of domain spoofing. It allows recipients to verify that the email came from the organisation that claims to be the sender. 

DMARC (Domain-based Message Authentication Reporting and Conformance) policies let email servers know how to deal with unauthorised messages sent from your email domain. Despite its effectiveness at combatting email-based threats, it is estimated that as few as 10% of businesses currently have a DMARC policy in place.

How Carden IT Services Can Help Secure Your Email

Keeping one email address locked down is an achievable goal but keeping an entire organisation’s email secure can be a little trickier. This is because it often requires more expertise and a selection of enterprise-grade email security tools. If any of the above processes sound confusing or beyond the ability of your own team, it’s probably a sign that it’s time to consult some IT experts. 

At Carden IT Services, we offer professionally managed email security as part of our wider Managed IT Services & Cyber-Defence Packages. Speak to our team today and learn how we can help to secure your business’s email. 

Author: Dave King

Dave King is the Co-Founder and Director of Carden IT Services and the wider Carden IT Group. Dave has over 18 years’ experience in business IT networks with a focus on IT consultation and disaster recovery planning/testing.