How you keep your email account safe
Everyone uses email to send and receive sensitive information, making it an attractive target for cyberattacks. The importance of email security is vital to your company’s operations, so applying the following tips can dramatically reduce your exposure to hackers and malware.
Use separate email accounts
Most people use a single email account for all their needs. As a result, information from websites, newsletters, shopping deals, and messages from work gets sent to one inbox. But what happens when someone breaks into it? There’s a good chance they could gain access to all the stored information and use them in fraudulent dealings.
Having at least two separate email accounts will not only boost your security, but it will also increase your productivity. You can have a personal account to communicate with your friends and family, and a professional email account solely for work-related tasks.
Set strong passwords
Some email users often overlook the importance of having strong email account passwords. You might be surprised to learn that email passwords like “123456,” “qwerty,” and “password” are still the most common around. For the sake of security, set longer passwords or passphrases that contain a good mix of upper- and lowercase letters, numbers, and special characters. Make sure these passwords are unique to that account to keep all your other password-protected accounts safe.
You should also consider enabling multifactor authentication (MFA). This creates an extra layer of security by requesting for another method to verify your identity, like a fingerprint scan or a temporary activation code sent to your mobile phone.
Beware of email scams
When you see a link in an email, don’t click on it unless you’ve assessed its authenticity. You never know where those links might lead you. Sometimes they are safe, but other times they can infect your computer with malware or send you to a compromised website.
It’s always good to know who the email message is coming from. If you’re expecting a file from your friend or family, then go ahead and open the attachment. However, emails coming from unknown sources or those that have strange account names such as “@amazon6753.com” are most likely to be email scams.
These types of attacks are known as phishing, and they can be remarkably clever. For example, cybercriminals may masquerade as high-profile companies like Amazon, Facebook, or Bank of America to catch their victims off guard. They create emails with a sense of urgency by claiming that there’s an issue with your account and that you should send them information or click on a link to “confirm” your personal details. This link will either install malware on your device or lead you to a fraudulent site.
Even if there was a genuine issue with your account, legitimate companies would never ask something so suspicious over email. If you get these messages, contact the company directly through a verified website or phone number — not the contact details on the email.
Monitor account activity
Periodically watch over your account activity. Make sure to limit access privileges to apps if you want to ensure maximum privacy and security. Also, check for any suspicious activities in your logs, such as unusual devices and IP addresses that have accessed your account. This indicates that hackers may have successfully broken into your account. If this is the case, sign out of all web sessions and change your password as soon as possible.
How Does Ashton Protect Microsoft 365 Email Accounts?
- We configure Office 365 profiles based on the Ashton Infrastructure Standard (AIS) which is derived from Microsoft-recommended configurations, industry best practices, and Ashton’s experience managing and protecting our clients.
- Among these settings are blocking external forwarding and anonymous calendar sharing, two features heavily used by attackers
- We configure and deploy multi-factor authentication (MFA) also with AIS-specific settings. MFA alone blocks over 98% of otherwise-successful attacks. Ashton’s specific configuration closes a text messaging loophole and provides more assurance of who is approving logins.
- We recommend additional security with Azure AD Premium which can provide extra protection for especially sensitive clients and VIP users.
- We have internally-developed tools that help us analyze Office 365 accounts and review log files to track changes and misconfigurations
- We are constantly evaluating products and solutions to find additional options for protecting against an attack and mitigating damage in the case an attack succeeds.
If you’d like to learn more about proper email security, give Ashton Solutions a call at 216 397-4080