// FEATURE // of an attack and the consequences of failing to follow email security best practices .
• Use Two-Factor Authentication ( 2FA ): 2FA adds an extra layer of security . This process ensures hackers cannot access a user ’ s account even if they manage to steal their password .
• Manage passwords better : Organisations should ensure all employees use a unique password for every account and regularly change their passwords . Deploying password manager software also helps , as users no longer have to worry about remembering long , complex passwords to access their accounts .
• Be aware of phishing emails : Phishing attacks are one of the biggest security threats facing businesses . Phishing emails are typically messages that claim to be from service providers , such as banks , that tell victims there is an important issue they need to resolve immediately . Organisations can prevent these attacks by combining email safety best practices and employee training with technology . This includes firewalls , Secure Email Gateways ( SEGs ), sandboxing and Uniform Resource Locator ( URL ) threat defence technologies that scan for malicious links , content and attachments .
• Encrypt Email : Encrypting emails ensures that emails are only received and read by the person they were intended for . It also gives email senders more control , including revoking access to messages sent to the wrong person and seeing when emails were opened and by whom .
• Improve endpoint and email security hygiene : Endpoint protection solutions enable organisations to monitor every device that connects to their networks . They can run system scans that track access and usage across the network , which can issue alerts and block traffic when potentially malicious activity is detected . This is especially important when users are accessing corporate systems from remote locations and when working from home .
Employees should also avoid additional security risks – such as using public or open Wi-Fi networks – and take advantage of tools like Virtual Private Networks ( VPNs ) that encrypt their browsing sessions . All of these security best practices are underpinned by strong email defences . This includes deploying firewalls and SEGs to protect employees from malware and phishing emails and secure organisations ’ email networks from harmful or malicious content . �
ONLY HALF ( 52 %) OF THE SURVEYED SMES HAVE A SECURITY SYSTEM IN PLACE TO PROTECT AGAINST EMAIL- BORNE ATTACKS .