If you’re worth your salt as an administrator, you’ve already got network-level security in place. You have a decent authentication process, and you have firewalls and monitoring tools to guard against intrusion. That’s all well and good – but what about your internal and external communications?
Are you doing anything to protect against an employee accidentally forwarding an email to the wrong person? Do you have measures to protect your business against spear-phishing attacks? What about email-borne malware?
Fact is, in the modern enterprise, if you’re not taking steps to protect your email, your organization cannot be considered secure. Let’s talk about how you can change that.
Teach Your Users To Recognize Threats
Human error – the result of either ignorance or carelessness – is the cause of the majority of security breaches. While you can’t do much about the latter, you can address the former. Educate your employees on how to recognize the elements of a phishing email, and on the proper procedure for dealing with email-borne malware.
Encrypt Your Authentication Process
Authenticating your users is important – but if you don’t encrypt the authentication process, you’re asking for trouble. A malicious user can easily listen in on an unencrypted authentication session with the mail server, and then use that information to send emails disguised as someone from within the organization – someone in a position of trust. From there, it’s all downhill.
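One way to check for this on a mail server you administer is to look at what it advertises before any TLS handshake: if the SMTP EHLO reply lists AUTH on a cleartext connection, credentials can be sent where they can be read in transit. The sketch below is an added example, not from the original article; the sample replies are constructed, and the function names and default submission port 587 are assumptions.

```python
import smtplib

# Mechanisms that put the password itself on the wire (base64 is encoding, not encryption).
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}

# Constructed sample EHLO replies, as seen on a connection before any TLS handshake.
WEAK_REPLY = "250-mail.example.test\r\n250-SIZE 35882577\r\n250-AUTH PLAIN LOGIN CRAM-MD5\r\n250 8BITMIME\r\n"
HARDENED_REPLY = "250-mail.example.test\r\n250-SIZE 35882577\r\n250-STARTTLS\r\n250 8BITMIME\r\n"


def parse_ehlo(reply):
    """Parse a multi-line SMTP EHLO reply into {KEYWORD: [parameters]}."""
    caps = {}
    lines = [ln for ln in reply.splitlines() if ln.strip()]
    for line in lines[1:]:  # the first line is the server greeting, not a capability
        if len(line) < 4 or not line.startswith("250") or line[3] not in "- ":
            raise ValueError(f"not a 250 reply line: {line!r}")
        words = line[4:].replace("=", " ").split()  # tolerate the legacy "AUTH=LOGIN" form
        if words:
            caps.setdefault(words[0].upper(), []).extend(w.upper() for w in words[1:])
    return caps


def audit_cleartext_ehlo(reply):
    """Return findings for an EHLO reply received before TLS was negotiated."""
    caps = parse_ehlo(reply)
    findings = []
    if "STARTTLS" not in caps:
        findings.append("STARTTLS not offered: this session cannot be upgraded to TLS")
    if "AUTH" in caps:
        exposed = sorted(PLAINTEXT_MECHS & set(caps["AUTH"]))
        detail = f"; password sent readable via {', '.join(exposed)}" if exposed else ""
        findings.append("AUTH advertised before TLS" + detail)
    return findings


def fetch_cleartext_ehlo(host, port=587):
    """Fetch the pre-TLS EHLO reply from a mail server you administer."""
    with smtplib.SMTP(host, port, timeout=10) as conn:
        _code, msg = conn.ehlo()
    lines = msg.decode("utf-8", "replace").split("\n")
    # smtplib strips the "250-" prefixes; restore them so parse_ehlo sees wire format
    return "\r\n".join(("250 " if i == len(lines) - 1 else "250-") + ln
                       for i, ln in enumerate(lines))


if __name__ == "__main__":
    for name, reply in (("weak", WEAK_REPLY), ("hardened", HARDENED_REPLY)):
        print(name, audit_cleartext_ehlo(reply) or "OK: no AUTH before TLS")
```

A hardened server offers STARTTLS on the cleartext connection and only lists AUTH in the EHLO reply sent after the TLS upgrade, so the audit of its pre-TLS reply comes back empty.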
Use Digital Signing
There are plenty of black-hat tools out there that allow attackers to spoof an email address or signature – even if someone doesn’t crack your mail server, they can pose as one of your employees. Luckily, there’s an easy way around this problem: digital signing. By using PGP or GnuPG to digitally sign emails, you’ll ensure that any emails actually sent within your organization can be trusted – and that anything originating from without will be under immediate suspicion.
Protect Your Attachments
Traditional security perimeters have broken down. Today, sensitive files exist everywhere – meaning they’re often out of your control. In short, it’s really just a matter of time before someone compromises your critical data in some way, shape or form – if not your own employees, then someone from a partner or vendor. Wrap your sensitive email attachments in file-level encryption to ensure that you keep control over them even after they leave your firewall.
Back Up Everything
Last, but certainly not least – create regular backups of your email server. That way, even if someone brings everything crashing down, your business won’t need to come grinding to a halt. You can simply restore things from your backup.
The modern security landscape is a complex, ever-changing beast. If you’re to protect your organization against the threats that exist in this climate, you need to adapt your approach – protecting your emails is just one step towards doing so.