In the past, you could spot malicious email content simply by the funny wording or grammar mistakes in the email body. Today's cyber attack emails are designed and worded professionally, and they often appear to come from a trusted sender like your bank, your friend, or your employee. So how do you stop these kinds of emails from proliferating throughout your organization and compromising your systems and data? Continue reading to find out.
1. Awareness training
As a simple first step, you can provide employees with security awareness training. This can include using an application that sends out emails to staff containing links and attachments that they shouldn't click on. If the user does click the link, a message is displayed stating that it was sent by IT support as a training exercise. You can also publish training videos that explain how to spot phishing emails and stress the risks associated with clicking an email link or opening an email attachment from an unknown source.
In general, you can offer tips to your staff such as:
- Never send private information via email. Legitimate companies will never ask you to send passwords, credit card numbers, social security numbers, or any other important information via email.
If you receive an urgent message from a known contact, do not click any links or download any attachments. You should verify this contact intended to send you such an email, especially if the urgent message seems fishy.
- Even if you recognize the sender, it is best to access the website directly by typing it in your browser instead of clicking the link from your email. This is especially true for emails from financial institutions.
2. Beef up your traditional IT security systems
Your IT provider can offer layered security, firewall, antivirus, spam filtering, web protection, backup and patch management to lower your chances of being infected should a malicious email be sent to someone in your organization. Keep in mind, though, that these systems required diligent upkeep as they can become outdated very quickly. More and more outbreaks are occurring from cyber attack software that is brand new to the world--meaning your anti-virus software may not even know it's coming.
3. Layer on Microsoft Advanced Threat Detection
Even with the best awareness training, staff can sometimes get distracted or become less vigilant over time, which still leaves the chance that they could click on a link or an attachment that they shouldn't be opening.
If you use Microsoft Exchange Online or Office 365 for your email, you can layer on Microsoft's inexpensive Advanced Threat Detection software. This service protects email in real time against unknown and sophisticated attacks. All suspicious content goes through a real-time behavioral malware analysis that uses machine learning techniques to evaluate the content for suspicious activity. Unsafe attachments are sandboxed in a detonation chamber before being sent to recipients.
The advantage of using a tool like this is that it takes the human error factor out of the security equation.
4. Employ Multi-Factor Authentication
Multi-Factor Authentication (MFA) is a simple process whereby an application asks the user to confirm they are who they say they are. It uses two different methods to authenticate you, such as requiring that you enter a password and then enter a code sent as a text message to your mobile phone. Most third party applications (for example, your bank's online baking website) will ask you to set up multiple means of contacting you to verify who you are.
For internal applications, if your organization already uses Office 365, your IT administrator can set up MFA for your staff right from within the platform itself.
5. Use the best backup tools your company can afford
Consider, for a moment, what would happen if your company's critical data and applications were compromised in an attack. How would you manage this? The first--and most often under-appreciated--method is to have an excellent backup and recovery system.
How do you know if you already have a well-performing backup and recovery system? Below are some things to consider:
- Does the service provide your business with off-site cloud backups? The more isolated and protected your backups, the better.
- Does the service continuously back up your critical data and applications? If not, consider whether or not you could afford to lose your most critical data and applications for even a short period of time without severely impacting your company's profitability.
- How much productivity are you comfortable with losing if you lose access to your core business applications? Depending on the size and complexity of the backup being restored, it could take from half a day to a number of days just to restore. This means that your staff could be waiting a while before they can get back to doing their work, which could really affect your bottom line.
- Is the regular testing of your backups a standard practice in your organization? If not, your company runs the risk of having a backup that fails to restore during a time when you'll be needing it the most. Good backup services include automated testing of your backups.
While we have by no means covered an exhaustive list of ways to protect your business, we have covered the most critical. In general, the more you can automate the handling of malicious content, the better off your company will be.