4 Dangerous Email Security Myths (And The Reality)
- A Strong Password Is All You Need
- Email Service Providers Take Care Of Security For Us
- Trained & Smart Employees Will Obviously Know Better
- Secure Email Gateways (SEGs) Are Enough
Myth #1: A Strong Password Is All You NeedA password is generally considered strong when it contains a rather long (15 characters or more) combination of uppercase letters, lowercase letters, numbers, and special characters. Even just a few years ago, this was near enough to secure for most email users. However, as email password cracking has become more and more sophisticated (including the use of limited AI to generate passwords more and more inline with what actual humans may choose). The true answer for today’s world is the use of MFA, or Multi-Factor Authentication. MFA is essentially a multi-step process for logging in that utilizes different types of information for the login steps. One of the most increasingly popular factors in MFA is a biometric login, such as a fingerprint scannner, or facelock on a cell phone.
Myth #2: Email Service Providers Take Care Of Security For UsYes, your email provider will help you, often by making the latest security tools available to you, and your team. For instance, GSuite (the paid email service from Google) does provide MFA protection for your entire team, however, if you do not turn this feature on, and train your team in using it, then you do not have this protection. Relying on your email provider, without ensuring that you are taking the appropriate steps, and taking advantage of the security tools provided to you is a mistake...and in many cases, a very costly one.
Myth #3: Trained & Smart Employees Will Obviously Know BetterIt is critical that your team receive detailed training in email security, the policies and best practices that your company has in place for protection, and what to do with potential threats, however, in most cases, this alone is not enough. Phishing and social engineering attacks are becoming more and more sophisticated, and dangerous everyday. Plus, with the amount of data (and the cost of that data in time and wealth) at stake in a cyber attack today, a comprehensive, ever-evolving email security program is the only way to ensure safety. On average, the cost of a cyber attack is about $3.8 million. And, roughly 90% of all cyber attacks are phishing attacks. If your main security feature is relying on employees to know which links and attachments in the hundreds of emails they receive on a day are safe, you may find yourself in a very dangerous situation sooner rather than later.
Myth #4: Secure Email Gateways (SEGs) Are EnoughAn SEG is a critical component of email security, often providing many key aspects of cyber security including:
- Malware Blocking
- Spam Filtering
- Content Filtering
- Email Archiving
The RealityIn reality, your email security needs to take advantage of all of these important attack-stopping tools and tactics. You should be using strong passwords, multi-factor authentication, all of the tools provided by your email providers, a detailed training program for team members, as well as the tools that an SEG provides. On top of that, you should regularly consult a cyber security expert who can audit your email security on a regular basis, and provide upgrades and improvements to keep your safe going forward as attacks become more dangerous, hard to spot, and costly.
Contact Xorca For The Best Business IT Services Today
Xorca has been the leader for business IT services Ithaca NY for more than 20 years. If you need IT or computer support, contact Xorca today for a no-hassle consultation and assessment. Call me today: (607) 539-3263.