Email Security

EMailSecurity

Educate your employees and dedicate security staff to protect your franchise from email threats.

By Dan Hoban

Email is the main source of communication for all businesses, and one where employees go about their daily routine sending, receiving and opening emails and attachments with no thought of the potential risk that unsecured emails can do to themselves and the franchise. 

Email security is a critical risk for many companies and franchisees alike, which is why it’s important to ensure that your email security is up to date and employees are well educated. Hackers can gain access to your company’s network through employees’ emails. An unwanted email can contain an exploit that gives hackers unlimited access to your computer and your organization’s network. In fact, more than 90 percent of all attacks originate with emails. 

But there are a few things that franchisees can to do mitigate email threats.

Educate Employees

One of the best preventive strategies to protect against email threats is to educate employees. Most employees are unaware of the major security risks involved with email communications, even though employee errors are one of the main causes of data breach incidents in cyberattacks. 

Email threats can include phishing, spam and malware. Make sure that you’re actively communicating best practices with your employees and discussing the importance of cybersecurity. Franchises should have a formal program addressing potential email security threats where employees are educated on what these email threats look like and the harm they can do to the company. 

They should also be trained on best practices and tips to look out for. Simple preventive measures can have a big impact.  Make sure your employees follow these best practices:

  • Do not open files or click on links from people or organizations you do not know.
  • Independently verify the email “call to action.” Look up the phone number you are asked to call, find the website you’re asked to go to from the main company URL and contact someone you know within the company to verify the claims in the email.
  • Mind your business! If you are not in finances, don’t open invoices. If you are not in HR, don’t open resumes. If you’re not in purchasing, don’t check out a vendor’s online catalogue. These are often sources of infection, and can be avoided.
  • Links aren’t always what they appear to be. Hover over a link to make sure you are going to the URL you expect.
  • Encrypt sensitive data, which we’ll discuss below. Employees should know that they should encrypt sensitive data before sending, even to someone they know.
  • Manage your newsletters, spam, forwarded attachments from friends and other non-business related “junk” that enters your inbox. Aside from cluttering your inbox, they also tend to bring in security troubles. 

Dedicated Security Staff

With a dedicated security staff, IT experts can manage and monitor email threats as they enter your network. Additionally, because the threat landscape keeps changing, a dedicated security team can make proactive updates to technologies that are in place to keep up with the changing landscape in near real-time.

Oftentimes, franchisees don’t have the time, knowledge or resources to consistently monitor a network and detect potential threats. That is when you need to look at outsourcing or partnering. When there’s a staff dedicated to ensuring your network is secure, threats don’t go unnoticed. Turning a blind eye to these threats will not make them go away. Companies either need to deal with these threats proactively and ahead of time, or it will be too late and they will end up dealing with the threats when it makes a big impact on their franchise.   

Technology Techniques

Another key to ensure your email is secure is to make sure you have the right technology in place. If you’re looking to invest in technology that will prevent email hacks from occurring, make sure that the technology solution has these three features.

Email Encryption – Email encryption protects the content of an email from being ready by entities other than the intended recipient(s). When this feature is applied to secure emails, it allows for safe delivery of confidential and regulated emails. 

When hundreds and even thousands of emails are being sent out daily, a lot of times emails contain sensitive information that you don’t want to get in the hands of others. Email encryption extracts the content to be unreadable as the email is traveling from the sender to the recipient, so in the case that the email does get intercepted, they will not be able to read the content of the email. 

Content Inspection – Content inspection involves examining data patterns that are indicative of sensitive data, such as credit card and social security numbers, and looks for keywords that indicate sensitive information. It then captures this information and analyzes it for sensitivity. This technology, combined with a dedicated security team, can stop sensitive data from leaving your network.

Sandboxing – Sandboxing is a software management strategy that isolates applications from critical system resources and other programs. It allows emails, attachments or links to be opened and run in a contained, virtual environment before going to your actual network. This allows a security team a deeper analysis of any kind of suspicious emails or attachments that may not have a signature, so zero-day malware and other hidden threats are alerted. If those attachments do contain malicious content, an alert is then sent to a IT expert to then analyze the attachment for malicious activity, which avoids the chance of the recipient opening the email and infecting the network.

To effectively mitigate email threats, make sure employees at all levels of the organization are educated on email security, dedicate a staff of IT experts to monitor and manage your network, and ensure you have the right technology tools in place. While email security is consistently changing, a combination of these tasks is the only way to create a credible security posture. 

Dan Hoban is chief strategy officer at Nuspire, a state-of-the-science managed network security provider for some of the largest and most distinctive companies around the world. For more information, visit www.nuspire.com. 

 

Current Issue

Check out our latest Edition!

Contact Us

Franchising Today Magazine
150 N. Michigan Ave., Suite 900
Chicago, IL 60601

  312.676.1100
  312.676.1101

Click here for a full list of contacts.

Latest Edition

Spread The Love

Back To Top