5 business best practices for email security

Updated: July 18, 2019

When it comes to best practices for online security, you may be familiar with tips like changing your password every six months, not using the same password for different logins, and not using a personal email account as your business email.

But what about email security for businesses?

Email is the most popular communication channel amongst businesses – and this trend isn’t going anywhere. With that said, there are countless hackers on the world wide web seeking to exploit insecure emails for personal gain.

To avoid falling victim to one of these cyberattacks, follow the security solutions below.

1. Protect yourself from spam, phishing and malware

We love spam musubi, but fortunately that’s not the spam we’re talking about protecting ourselves from.

Spammers will use a variety of techniques – such as keylogging Trojans, phishing emails or linking to malicious websites – to steal sensitive business and personal information. This can be details like social security numbers, bank accounts, credit card information and more.

To prevent this, you need an email service such as Paubox Suite Plus that stops malware or spam from arriving in your inbox, or robust anti-virus software in addition to your business email. Bonus points if the service can prevent the harvesting of email addresses and block emails with more than 15 recipients.

Having a good filter protecting your inbox will give you one less thing to worry about for potential security breaches.

As a bonus, look for software with advanced features like Paubox’s ExecProtect, which stops display name spoofs from reaching users.

2. Double check internal corporate emails

As you read this article, you are becoming more savvy when it comes to email protection. However, so are cyber criminals.

Every day, new viruses and malware are being developed. As a result, the distribution of this malicious software is getting more complex.

This means even official internal emails can be susceptible to malware.

Now, this isn’t to say that all company emails will contain some kind of virus. In fact, most malware is sent primarily from external sources.

However, if an employee’s machine gets a malware infection, they could be sending malicious emails from their personal or professional email address without their knowledge.

Naturally, we’re more likely to click on a link from someone we know versus someone we don’t know.

Therefore, be wary of links in email messages, even if it seems like they are taking you somewhere familiar. It never hurts to follow up with your coworker and verify that they sent you the email with the potentially suspicious link.

If they didn’t send it to you, simply delete it.

But remember, cyber criminals make mistakes too. If a link seems legitimate, double check for misspellings or strange name variations. Most of the time, these are dead giveaways that the link is malicious.
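The misspelling check described above can be automated at the mail gateway or in a triage script. This is an added example, not code from the original article or from Paubox; the `TRUSTED` list, the function names and the sample HTML are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains your organization actually uses (constructed list).
TRUSTED = {"example.com", "dropbox.com", "google.com"}

def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def base_domain(host):
    # Naive "last two labels" rule; production code should use the Public Suffix List.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class HrefCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hrefs.append(href)

def suspicious_links(html, max_distance=2):
    """Return (href, reason) for links whose domain is a near miss of a trusted one."""
    collector = HrefCollector()
    collector.feed(html)
    findings = []
    for href in collector.hrefs:
        host = urlsplit(href).hostname or ""
        domain = base_domain(host)
        if domain in TRUSTED:
            continue
        if any(label.startswith("xn--") for label in host.split(".")):
            findings.append((href, "punycode (internationalized) hostname"))
            continue
        near = sorted(t for t in TRUSTED if edit_distance(domain, t) <= max_distance)
        if near:
            findings.append((href, "looks like " + near[0]))
    return findings

# Constructed sample body: two genuine links and two near-miss spellings.
SAMPLE_HTML = """<a href="https://www.dropbox.com/s/report">Q3 report</a>
<a href="https://www.dr0pbox.com/login">Sign in to Dropbox</a>
<a href="https://accounts.gooogle.com/">Google</a>
<a href="https://intranet.example.com/hr">HR portal</a>"""
```

Very short trusted domains produce false positives at a distance of 2, so tune `max_distance` to your own list.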

3. Block large email attachments

As a general rule of thumb, emails should not contain attachments larger than 10MB. This is because some emails with attachments this large may not be delivered, and the sender may not always be notified that their email was never sent.

However, when it comes to email security, Word docs, Excel files and PDFs are the file types most commonly used to deliver malware. Attachments with macros are especially dangerous.

For a better email security practice, use an alternative method for sending large files such as a cloud service like Dropbox, Google Drive or Paubox.

If you see an unexpected attachment in an unfamiliar email, don’t open it. A simple click can lead to a damaging outcome.
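The two rules in this section, the 10MB size limit and the extra risk of macro-enabled attachments, can be enforced in a mail-processing script. This is an added example, not code from the original article or from Paubox; the function names and the sample message are constructed, and the macro check relies on macro-enabled Office Open XML files carrying a `vbaProject.bin` part.

```python
import io
import zipfile
from email.message import EmailMessage

MAX_BYTES = 10 * 1024 * 1024  # the 10MB rule of thumb from the article
MACRO_EXTS = (".docm", ".xlsm", ".pptm", ".dotm", ".xltm")  # macro-enabled Office formats

def has_vba_project(data):
    """True if data is an Office Open XML (zip) file that embeds a VBA macro project.
    Legacy binary .doc/.xls files are not zip archives and are not covered here."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return False
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        return any(n.lower().endswith("vbaproject.bin") for n in z.namelist())

def review_attachments(msg, max_bytes=MAX_BYTES):
    """Return [(filename, [reasons])] for attachments that should be blocked or held."""
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        reasons = []
        if len(data) > max_bytes:
            reasons.append("over size limit")
        if name.lower().endswith(MACRO_EXTS):
            reasons.append("macro-enabled extension")
        if has_vba_project(data):
            reasons.append("contains VBA project")
        if reasons:
            findings.append((name, reasons))
    return findings

def build_sample():
    """Constructed message: one macro-enabled document and one small PDF-like file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("word/vbaProject.bin", b"\x00" * 16)
    msg = EmailMessage()
    msg["Subject"] = "Invoice"
    msg.set_content("See attached.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename="invoice.docm")
    msg.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                       subtype="pdf", filename="notes.pdf")
    return msg
```

Checking the file contents as well as the extension catches a macro-enabled document that has simply been renamed.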

4. Train your employees on email security

One seamless way you can train your employees: have them read this article as homework.

But in all seriousness, here are some email security practices you or human resources can train your employees to follow:

  • Establish an email policy so employees know what to do and what not to do
  • Do not click on links or open attachments from unknown senders
  • Don’t respond to a spam email (a response verifies your email address, and spammers will continue bothering you knowing your email is real)
  • If the email is from a known sender, verify it came from that person and double check the spelling / naming of the link or attachment

You can also do tests by sending a fake phishing email and seeing who clicks on it. That can be used to make sure everyone is applying their training and staying vigilant.

5. Encrypt your emails

Finally, the most important step to ensure there is no loss of private information – encrypt your emails.

This is especially important if you work in regulated industries, like healthcare, and need to meet regulatory requirements such as HIPAA.

By encrypting your emails, you’re preventing hackers from intercepting emails and stopping them from reading the emails. This makes sure that the only eyes reading your messages belong to your intended recipient.

Many email providers, like Gmail, automatically encrypt their messages via Transport Layer Security (TLS) protocol. But not every email service has this enabled, meaning not every email delivered is encrypted.

Some studies show that as many as 20% of email providers do not support TLS, so messages sent to them are delivered in clear text and can be read by anyone.

As a result, you should look into a more comprehensive email encryption tool for even stronger email security.
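To see whether a particular message was TLS-protected on every hop, you can read the `Received` headers each server adds. This is an added example, not code from the original article or from Paubox; it relies on the `with` protocol keywords from RFC 3848, and the sample message, hostnames and function names are constructed.

```python
import re
from email import message_from_string, policy

# RFC 3848 "with" keywords whose trailing S/SA means the hop used STARTTLS.
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}

def hops(raw_message):
    """Return [(receiving_host, protocol, used_tls)] in the order the message travelled.
    Caveats: headers written by servers you do not control can be forged, and some
    servers record TLS only in a comment, so a missing keyword is a prompt to
    investigate rather than proof of clear text."""
    msg = message_from_string(raw_message, policy=policy.default)
    result = []
    # Each server prepends its header, so the oldest hop is last in the list.
    for header in reversed(msg.get_all("Received", [])):
        value = str(header)
        by = re.search(r"\bby\s+(\S+)", value)
        proto = re.search(r"\bwith\s+([A-Za-z0-9]+)", value)
        name = proto.group(1).upper() if proto else "UNKNOWN"
        result.append((by.group(1) if by else "?", name, name in TLS_PROTOCOLS))
    return result

def cleartext_hops(raw_message):
    """Hosts that received the message without a TLS keyword in their header."""
    return [host for host, _, used_tls in hops(raw_message) if not used_tls]

# Constructed sample: three hops, the middle one accepted over plain ESMTP.
SAMPLE = (
    "Received: from mx.partner.example (mx.partner.example [192.0.2.10])\n"
    " by mail.corp.example with ESMTPS id abc123\n"
    " for <bob@corp.example>; Thu, 18 Jul 2019 10:00:02 -0700\n"
    "Received: from relay.legacy.example (relay.legacy.example [198.51.100.7])\n"
    " by mx.partner.example with ESMTP id def456; Thu, 18 Jul 2019 10:00:01 -0700\n"
    "Received: from laptop.local ([203.0.113.5])\n"
    " by relay.legacy.example with ESMTPSA id ghi789; Thu, 18 Jul 2019 10:00:00 -0700\n"
    "From: alice@legacy.example\n"
    "To: bob@corp.example\n"
    "Subject: Quarterly numbers\n"
    "\n"
    "Constructed body.\n"
)
```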

By following these steps, you can rest assured that your information will be safer from cybercriminals.

Try Paubox Email Suite for FREE today.
About the author

Arianna Etemadieh

Arianna is an Inbound Marketing Specialist at Paubox. In her free time, she enjoys cooking, traveling, and volunteering at the animal shelter.
