10 Best Practices for Email Security in 2021

Never take email security for granted. The age of technology has brought about numerous advancements to how people can communicate with each other–from letters, phone booths, wireless calls, and now, electronic mails. 

If you find yourself asking what email security is, then please take a seat. Most, if not all organizations use emails and even consider them as one of the most important communication channels in the workplace. Its flexibility in relaying a message from upcoming activities, clientele, team memorandums, and a handful more makes it a corporate weapon of its own. 

With so much information going around your email hub, it would be a shame to have people outside your professional and social circle get into your personal space. Unfortunately, that may just be the case. If a scammer somehow gets in your head and convinces you to click that forbidden link, it could, more or less, open a gap in your network–a gap big enough for them to invade. And let me tell you, a data breach is no walk in the park. There are a couple of platforms that ensure you another layer of encryption to further secure your emails, but greed is the fatal weapon of hackers and nosy competitors. 

Fret not, however, as there are countermeasures to this dilemma–and might I be bold in saying that these basic email security practices can go a long way in protecting your spaces from hundreds, no, thousands of threats. 

Best Email Security Practices in 2021:

1. Use a strong email password

You would be surprised by how many people use “123456” as passwords. Either that or they go full-send with “123456789”. With collectively more than 3 million people using both those passwords, this is something we should really talk about. 

This doesn’t only concern business email security, but even your personal accounts are in danger. Take, for example, robbers don’t spend their time wrecking your door, they spend most of their efforts in picking the lock. As much as it is stealing, it’s the cleanest way to your doorstep. At the end of the day, your password serves the same purpose. The easier your password is, the more likely they are to breach your account. 

Here are ways to deal with your passwords (some are encouraged by the platforms themselves): 

  • Use both upper and lower case letters
  • Include numbers and special characters
  • Veer away from birthdays, student IDs, hometowns, or anything else personal
  • Use phrases instead of words

2. Use two-factor authentication

It sounds like only a professional computer user can do this, but it isn’t that technical in the first place. It’s more of just adding another shield to your account–a second lock on the door. Thankfully, almost every email platform offers two-factor authentication but feel free to use another email provider if your current system doesn’t support it just yet. 

Basically, even if a hacker manages to guess your “123456” password, they’d be stopped by your two-factor authentication–meaning that there’s still a code they must enter before they get a sneak peek of your emails. Usually, these codes are sent to you by SMS, email, voice calls, or time-based one-time password (TOTP) apps.

3. Monitor your email habits

This is like training your fundamentals. It may sound simple, but this really pays in the long run. If you’re a professional, you’re most likely using your business emails for every step of the day. It’s basically just as important as eating and drinking water nowadays. With that, you should keep track of what you’ve been doing with your emails.

For starters, you can begin with knowing:

  • How many newsletters you’re subscribed to?
  • How often in a day are you sending emails and messages?
  • Do you spend most of your time on email threads from outside your organization?

You might not think of it as much, but all of these questions are closely related to risk factors to your business email security. To aid you in putting up tangible numbers, there are tools like EmailAnalytics to know more about your habits and what your possible email security risks are. 

4. Look out for “Phishing Emails”

Inspired by a great outdoor activity, “phishing emails” is one of the many ways of hackers in stealing your account information. Just like in fishing, you’ll be baited by these emails that require you to “log in” to your account but, realistically, you’re really just putting your email, password, and potentially other sensitive information into their systems. 

The most common phishing emails are ones that claim that they’re from the service providers you use—such as your bank or PayPal. If you’re not paying attention to the email address, tone of voice, and even the grammar of the email, you’re bound to lose business email security. 

5. Don’t open attachments without scanning them first

This cannot be stressed enough. Most of the time, your business account will solely be used to send and receive business emails. You might be expecting a breakdown of a project from the finance group and that’s all there is to it. That isn’t always the case, though, as some emails also come from unknown sources and even go as far as containing files for you to open. 

This might pique your curiosity. Plus, it might even be an official email and you can’t just put it straight to the trash bin. Now, you can use email security tools or improve email security measures to counteract this. For example, antivirus and/or anti-malware are tools that allow you to scan these attachments. If these programs tell you that there seems to be a problem, then, at the very least, you won’t hesitate in deleting the message and even blocking the user once and for all. Who knows? If you would’ve opened that file, there could’ve been a big chance for a breach. 

6. Never access emails from public WiFi

This is like yelling your Facebook password at a mall. As you may be aware by now, public WiFis are never, in the name of all internet providers, safe. You might as well have just invited the hacker straight into your network.

These cybercriminals only need basic software to know what kinds of information are passing through that network. To avoid this from ever happening, encourage your peers and fellow employees to use mobile internet whenever they’re outside of the office. Don’t mind if it isn’t as fast. As long as you know that it’s better than public WiFi services, then you’re good to go. 

7. Change your password as often as possible

You might be used to not changing passwords because it’s inconvenient to have to remember the changes, but the professional side of the world isn’t forgiving at all. One of the simplest email security practices is to change your passwords on a regular basis. 

Password leaks and data breaches happen every year and cybercriminals tend to sit it out for a certain period of time before attacking again. Treat your password as your first line of defense and changing it every year, which is a great minimum, will further refine your shield 

8. Be careful with the devices you use

Nowadays, a handful of companies encourage the bring-your-own device policy. As the name suggests, this allows employees to bring their own laptops and personal devices for their professional use. 

From a different perspective, however, this isn’t too advantageous if your device isn’t booted with the right email security tools and measures. Just be wary about your own devices as well. This also applies to not using every device you see to log in to your professional and business email accounts. Some devices are now equipped with remembering what was last typed, so be cautious of public laptops and computers. 

9. Avoid giving your email address away

Not everyone deserves to know your business email. With websites now lurking around asking for your email addresses, as long as you can avoid it, please do. Always remember that your professional email address will only be used for internal newsletters and updates. Some, however, have gone out of their way to even sell your information to third-party establishments and expose you to even bigger threats. It’s isn’t the most tech-savvy way to do it, but it’s a small step for man and a giant leap for email-kind. 

10. Log out of your email account when you’re finished

This is definitely a great (and fitting) way to cap off the 10 email security best practices list. When you’ve finally finished all your hours and had yourself a productive day. Don’t forget to give yourself a pat on the back–but most importantly, log out of your email as well. Alongside the 8th best practice on the list, you might be using an unfamiliar device and forget to log out. Might as well give the keys to your car as well while you’re at it. 

For the most part, practice this even on your personal device just as to familiarize yourself in doing it on unfamiliar devices if need be.