The attacks that affect email are very diverse and their damage can be very high, so it is very important to be careful with our use of email, as it can put the entire company in check.
For a long time, the email tool has been essential in any company and since it arrived, it has changed the way of communicating, both internally and externally. It is undoubtedly an application with endless virtues, but like so many others, it is not without risks and cybercriminals take this into account. Today the attacks that affect email are very diverse and their damage can be very high, so it is very important to be careful with our use of email, as it can put the entire company in check. For this, the best thing is to have a good cybersecurity service.
Concerning the internet, it is very important to have a password that is as reliable as possible, since cybercriminals have several tools to bypass security systems and a simple password would facilitate access.
It should be borne in mind that ransomware attacks are the order of the day and continue to be one of the most relevant threats in recent years, affecting 50% of companies.
Despite all the protections and precautions that have been taken, they can get in and block your information. With a correct policy of periodic backup copies, we will not only avoid losing information in the event of a theft or loss of a mobile device (phone, laptop …) but also avoid the theft of information in those cyberattacks in which we they will block or encrypt access to data.
By having the data periodically copied to a remote location, it can be easily and quickly recovered, affecting your company, your work, and your customers as little as possible. Of course without paying unnecessary blackmail that will negatively affect our corporate image.
Therefore, it is important to use secure devices and locations to store these backups. It must be guaranteed under any concept that the information can be retrieved at all times. Carrying out tests or simulations to guarantee the integrity of the copies has to be an essential task in our security policy.
To carry out good management in the matter of email security, it is of vital importance to carry out practices such as the following:
- Do not open any link or download an attached file from an email that presents any indication or pattern out of the ordinary.
- Use security software, antivirus, and antimalware tools, personal firewalls, secure erase tools, etc. it must be something essential when using a device.
- Limit the exposure surface of threats, not only must security measures be implemented to protect access to information, but also the strictly necessary services must be determined.
- Encrypt sensitive information, there is no other alternative. Double authentication factor. Use passwords adapted to the functionality, being aware that double authentication is already a necessity.
- Make a secure deletion of the information once it is no longer necessary or the question support is going to be withdrawn.
- Make regular backups, there is no other alternative in case of infection of malicious code such as ransomware, data loss, storage hardware failure, inadvertent deletion of information by the user, etc.
- Keeping the applications and the operating system updated is the best way to avoid giving facilities to the potential threat.
- Regularly review applied security settings, app permissions, and security options
- Don’t rely solely on the sender’s name. The user must verify that the domain of the received mail is trusted. If an email from a known contact requests unusual information, contact them by phone or other means of communication to corroborate its legitimacy.
- Before opening any file downloaded from the mail, make sure of the extension and do not trust the @icon associated with it. Do not enable macros for office documents even if the file itself requests it.
- Do not click on any link that asks for personal or banking information.
- Use security tools in a complementary way to antivirus software.
- Avoid clicking directly on any link from the email client itself. If the link is unknown, it is advisable to search for information about it in search engines such as Google or Bing.
- Use strong passwords for email access. Passwords must be periodically renewed and if possible use a double authentication factor.