Tag Archive: email security

  1. Password Management & Cybersecurity

    Comments Off on Password Management & Cybersecurity

    Cybersecurity information is readily available and widely circulated today. So have online hacking incidents decreased substantially? Not exactly. Hackers are still targeting personal credentials because they’re a slam dunk way to gain access to private information. According to Verizon’s 2019 Data Breach Investigations Report, stolen credentials account for 29% of all breaches, with 80% of hacking breaches traced back to weak or stolen passwords.

    We’ve talked at length about email security and the risks of password compromise under the Business Tech topics on our blog. Today, we’d like to give you concrete, actionable steps to protect your email privacy.

    Best Practices for Your Email Security

    Email has become so commonplace that individuals are often desensitized to how much delicate information they may contain. Leaving email accounts unprotected on multiple devices is like leaving your front door open. If you think of your email as your home and envision it in the worst possible neighborhood, you’d use a lock. In fact, you’d probably use several locks and an alarm system. That’s precisely how you should approach email security.

    Here are some best practices for you to mandate for your entire team:

    • Make Unique Passwords Mandatory. A common mistake is that people are using the same password across multiple accounts. If you use the same password for your private email as you do for your work email and other accounts, the hackers only have to compromise one account to have access to all of them.
    • Passwords Should Be Complex. Using personal information or simplistic passwords is another common mistake. You need to stay away from using words or information that can be guessed by knowing you or following you on social media. Ideally, passwords should appear to be a random sequence of numbers, letters, and symbols.
    • Turn Off Auto-Fill. Auto-fill seems like a godsend. It eliminates a lot of time filling out information repeatedly. But it also means that all of that information is stored where malicious actors can get it. There are even phishing attacks targeting this exact technology. Remember, the things that save us time are often the biggest holes in security.
    • Use a Business Password Manager. Keeping passwords written down can be dangerous, but if you’re following best practices, you’ll have a lot of hard to guess passwords to keep track of. Using a good password manager app can help you maintain the highest level of security in choosing passwords and making them safe.
    • Never Leave Devices Unprotected. You should need to use your password every time you check your email on every device. The same goes for other accounts.

    Looking for Expert IT in the Southwest to Manage Your Cyber Security?

    If you’re concerned about cybersecurity, contact Integrated Axis today. Our experienced technicians can assess your process, help you find the best software solutions, and develop a reliable protocol to make sure best practices are followed to protect your company’s privacy.

  2. Business Tech | The Risks of Email Compromise

    Comments Off on Business Tech | The Risks of Email Compromise

    We’ve talked at length before about email security in the business world, but this issue cannot be understated. According to AIG (one of the insurance companies that cover business losses due to cyber risks), the largest threat for businesses today are email breaches. Compromised emails cause more overall damage than ransomware and even data breaches by hackers. Why are scammers hitting business email accounts so hard? If you understand the possible motives for email compromise, you’re more likely to take the proper precautions on all communication avenues. 

    Email Compromise Motives

    Most business professionals are well versed in phishing schemes and outright hacking. The motive is to gain access to sensitive data. The email compromises we see work a little differently. Often these scams aren’t about getting data or launching a ransomware attack (though those types of attacks still happen and you should have security protocol in place for those, as well). Often, email compromise is about a one-time theft of money. In some cases, the scammer may come back for payment more than once, if they’re sure that the target isn’t already aware of the scam.

    In these attacks, the scammers have inside knowledge about the target. They may have gained access to email accounts, which means that they can read through all sent and received emails to gain a picture of current projects, vendors, and colleagues that the target deals with routinely. The email account that they’ve compromised is also not necessarily the one they target to send fraudulent requests to. That’s what makes this type of scam so hard to identify and guard against. If you’ve followed all best practices and are confident your own account is secure, you might be less wary about the emails you receive from trusted sources — like your boss or vendor.

    Be Aware

    Take this, for example: a hacker compromises the email account of someone in your company. They’ve read through and figured out which vendors are being used for current projects. They can also do some research online to find all the players in your company. Then they would go about setting up fake email and payment accounts. Once they have all of that in place, they might send you a fraudulent invoice with payment details. Or they might send an email that appears to be from your superior or even the head of the company, instructing you to send payment to a vendor. The payment, of course, would go to the hackers. These scams often look authentic and use proper English. There’s very little to differentiate them from legitimate correspondence. And major companies with excellent security protocols have still fallen prey to these types of attacks. The best approach is to not pay for anything that you didn’t have scheduled, at least not without verifying the request directly.

    Integrated Axis | Your Cyber Security Expert in the Southwest

    If you’re looking for a company to build your strategy for email security in the Tucson and Phoenix area, contact Integrated Axis today. Our experienced staff can assess your process and deliver the exact IT services you need.

  3. Business Tech: The Importance of Email Security in the Workplace

    Comments Off on Business Tech: The Importance of Email Security in the Workplace

    Emails can pose a significant threat to your company’s cybersecurity. Data from previous hacking incidents often reveals that the initial contact was made through email. In fact, the Cyber Security Breaches Survey of 2018 shows that fraudulent emails were cited in 75% of all attacks. That’s a massive number. If you want to lessen your company’s vulnerability, the first step is to make sure that all of your email accounts are secure.

    Why Email Security Is Important in Tucson

    Hackers who seek to infiltrate specific companies often target individuals who work for the company itself. Yet these carefully executed attacks are still only one reason that you need to be concerned about the security measures you take with your email. There are also many phishing attacks that aren’t targeted at specific people, but can compromise your company’s cybersecurity just the same.

    Email threats are two-fold. Some attacks explicitly seek to get the recipient to download malware, go to an infected site, or trick recipients into giving away sensitive information. The second kind of attack relies on intercepting emails. This type of attack is targeted, involving hackers who need to be in the vicinity of your internet connection, therefore gaining access. In other words, this secondary type of attack is less common for most companies, but still dangerously prevalent.

    However, simple best practices can help you protect your email accounts from hacking and other cybersecurity threats.

    Best Practices for Email Security for Your Company

    Emails are a necessary tool for many of your business communications. When you follow best practices, you minimize the risks of a breach within your company. It’s crucial that every member of your staff maintains the same high standards.

    Here are a few best practice protocols your staff should use at all times.

    • Never Use Open or Public Networks. It’s essential only to use secured networks. Open networks can allow outside actors to gain access to your device, read sensitive information, and use that information to create a more sophisticated attack.
    • Always Use Best Practices for Password Protection. Passwords are an essential security measure to guard your device and accounts. But too many people leave phones, iPads, and computer terminals open rather than punching in their password each time they use the device. Passwords should be used at all times, and they should not be shared among different accounts.
    •  Always Update Your Software. Software updates are important because they often include patches to known vulnerabilities.
    • Use Common Sense with Email. Most phishing emails are easy to spot, but there are some today that are still relatively convincing. The best method to stay safe from these threats is to use common sense. Never click on links, don’t download files if you weren’t expecting documents from a set person, and when in doubt, call the person or company to verify the email.

     

    Are You Looking for Cyber Security Help in the Phoenix Area?

    If you’re concerned about how well your company is equipped to deal with cybersecurity threats, contact Integrated Axis today. Our dedicated team of experienced technicians can asses your current protocols, and of course work with you to help you maintain the best practices to stay ahead of any potential risks.