Secure your corporate emails (HR Technology) HRF Q4_2017

0

Electronic mail, popularly known as Email, has undeniably become an official part of workplace communication. Some experts perceive that electronic mail has evolved to become an extension of the human body. We have access to them on our PCs, tablets, phones and other handheld or portable devices. The exchange of official, and sometimes confidential, individual and organisation documents via email is a norm that has come to stay. It is therefore necessary to secure the content of our emails to prevent unauthorised people from accessing confidential organisational information. Below are a few tips to consider if ever you are concerned about the security of your email.

Passwords

Passwords are the virtual security guards at the gates of our inbox and other folders. Since email addresses themselves are public goods, we must endeavor to keep our passwords as complex and private as possible. Common passwords such as 12345, abcd, love, among others should be left in the era where they belong; the Stone Age. Weak passwords like these are a threat to organisational security. Allow me to emphasize that passwords must be as complex and private as possible. Some experts have explained that longer passwords are difficult to hack. However, a password that is long and familiar can be easily figured out too. For instance, photosynthesis will make the cut for a long password but it does not meet the complexity criteria. The more complex and private your password is, the less likely you are to be a victim of an email attack.

WiFi Networks

Having access to WiFi has become a basic need for people all over the world. We are quick to jump onto any wireless network with internet access to sustain our connection to the virtual world. For others, it is unacceptable that a restaurant, hotel or conference center should exist without WiFi access. However, these networks are sometimes not safe to the extent that anyone on the network can have access to the content of all devices connected to that network. This includes email. Therefore, one must be cautious when joining such networks. One way to do so is to check whether the networks are secure. Also, ensure that the device you are using to join the network has the “invisible to other devices” option checked or selected. Although these will not guarantee 100% security, they provide an additional layer of security.

Login Locations

There have been reports of people’s accounts getting hacked because they logged into their emails from public places such as airports, restaurants, among others. Crowded spaces are fertile grounds for stealing security codes and passwords. A mere glance over the shoulder and a dubious person could have access to your access codes and confidential files. Care should therefore be taken when logging into email accounts from public places. Never assume no one is looking. Hide if you must. Another way of handling this is to activate a two-step verification on all corporate email accounts. This means that even when a password is entered, a text message will be sent to your phone with a second access code to be entered as part of the login process.

Vacant Desk

It is very important to shut down or hibernate your computer when you step away from your desk, even if it is for a few seconds. Do not assume that your environment is secure. By all means trust your work colleagues. However, assume that the moment you step away from your desk is when everyone steps away from their desk too. This means that no one will be physically available to protect your computer and its content. Although this may sound pedestrian, it will interest you to know that vacant desks have been cited in some identity theft cases.

Social Engineering

Social engineering in information technology security is the manipulation of users to give away sensitive information such as usernames, passwords, and credit card details, among others. Victims of such attacks explain how in some cases, they are sent links to reset their passwords while others are also asked to confirm their credit card details via email. Sometimes it is extremely difficult to determine genuine emails from service providers and malicious emails from attackers. If you are unsure of what to do, contact any IT professional for assistance.

It must be emphasised that the suggestions discussed in this article are not exhaustive. However, they provide a foundation for further discussion and reflection on the way electronic mail and content can be secured in organisations.

About author

No comments