Email Security Your Business!
There various threats your business and one threat is to your emails, this doesn’t matter what ever system or device you are using at the time to check emails.
The threats are phishing , spam , email borne malware, discovery demand , acceptable use violations.
Phishing – emails sent to try and get you to give out your personal information like banking details and password, (Spear Phishing) emails personally directed to user and these may get through you filter and have a link to a bogus site.
Spam – clicking on spam can be costly as to links can be bogus and also cost you staff time in deleting spam mail all these can reduce productivity .
so as one says time is money .
Email Borne Malware – Emails attachment and links can be bearers of viruses and malware that can corrupt you operating system or network , this will need the user to become award of not clicking unsolicited email links.
Discovery Demand - Legislation request email a good example would be the emails of the Sun and news of the world group during the inquiry. This includes text messages too.
Civil and criminal investigations can bring penalties if u have not archived the email and data too.
Acceptable usage violations – staff using company emails for personal use and also using personal device to send company information, the latest example is the scandal within the CIA and the US Army Generals and mistresses love affairs.
Once you are aware of the threats you need to assess them to understand the risk the pose to the company.
How often have you stored your password for your office network on your mobile and not used the mobile security to secure the phone also have u sent an email from your business account to with personal info in it, this will be archived by the company and may be used against you in disciplinary hearing .
BYOD is bring your own desktop/device, many people today are using their own devices to work on and these may not be up the security standard required by the company, causing a noncompliance issue.
Archiving – with selected software archiving can be done, and the storage of relevant emails can be important if any legal issues arise. Archive storage can be on-site or in the cloud for easy recovery, for disclosure if required.
Staff and management must be aware of company policies and the law when using various devices within the company. Regular training and updates to staff will also aide compliance for certain legislation include DPA.
The use of various social media sites to communicate with clients and piers should not be encouraged. It is best used for marketing and following trends, sending business messages to and from clients can end up in the public domain.
This can lead to loss of confidence in your ability to manage communication and understand privacy for clients.
Good questions to ask are.
Does the company have an email policy
Are staff aware of the acceptable use policy.
Do these policies cover staff and BYOD devices ,Business Continuity plan.