Unfortunately, people cause the most data breaches. One minute it’s a normal busy day in the office, next thing you know, you’ve accidentally clicked on the wrong link, opened the wrong attachment, given password information to an outsider, or allowed access to the network. In fact, 90% of all breaches are due to human error.
What can we do to protect ourselves against these threats?
A trusted advisor. Just as with any other profession, cyber security is a specialised field. Partner with a professional IT company to assist you in setting up the right tools and systems to protect your organisation.
Ongoing training. Implement security awareness training for all staff in your organisation. There are many products that provide continuous training with updates on current phishing schemes and cyber-attacks. These packages have great video clips, articles and the required training modules to keep you and your employees up to date, encouraging healthy cyber habits, and keeping your business compliant. Most of these packages run simulated phishing scenarios to keep employees alert to outside threats and prepare them for how to deal with these emails when they do make their way into your organisation. People are your best line of defense against these types of attacks.
Added security measures: Changing passwords frequently and having a second security layer are integral to securing your mailboxes. Implementing single sign on (SSO) allows you to integrate your mailbox passwords to your domain, thereby aligning your password change policies already active. Multi Factor Authentication (MFA) can be added as a second tier of protection. Preventing criminals from accessing your mailbox even if they manage to obtain your password through a phishing scam.
Added software protection: There are several companies that offer products to assist with mailbox data retention and protection software for your mailboxes. Threat protection add-on products offer great benefits such as protecting attachments (removing meta data from attachments before they reach the user) eliminating the threat of opening an email attachment that holds malicious code and protecting URL links by scanning each link for validity before releasing it into the mailbox. All mail is scanned before being released into the user’s mailbox offering an extra layer of security by quarantining suspicious mail or alerting uses to the fact that suspicious content was found.
Email is a daily part of business communication and taking the extra steps to secure your mailboxes and systems is a vital step for both the security of your business and those you do business with. Moore recommends clients to contact a professional IT company for advice on the best products and systems for your business.