You Mean…I Shouldn’t Post My Social Security Number in an Email?
If you hadn't previously thought that posting your social security number or other sensitive information in an email was a problem, you are definitely in need of this introduction to email security. Even if the answer to the above question is obvious, there may be facets of email security that you are not familiar with. It is so important to understand security when it concerns your email since email is a daily part of most individual's work (and personal) experience.
The Most Common Threats to Email Security
The most common threats to email security, at least the ones you hear about all the time on the news and over the internet have to do with scams. Here are the three most common threats that you most likely are already aware of if you've been using email for any length of time:
- Phishing Scams – You've seen these, perhaps in your spam box if you use Gmail or other services that automatically sort potential threats to your computer. Some account or another will lock you out if you don't immediately click on the link and verify your social security number and password. Don't do it! Do you hear me? These are almost always email phishing scams, out to steal your identity!
- Insecure Password and Account Hacking – One day, you sign into your email account, and in your sent box, are thousands of emails that you did not send. Don't click on the links in these, most likely they are viruses, or bots intended to capture information from you. Instead, report the hacking to your email service provider, change your password to something more secure, and send everyone in your address book a note of apology advising them not to click on the link.
- Forwarded Emails – I bet you thought I was going to say Nigerian scams! While Nigerian scams are a potential risk, forwarded emails are a much more prevalent risk in that you might not even think to be a risk (in fact, I bet you simply think chain emails are annoying)! However, forwarded emails also compromise all of the emails of individuals who have previously been forwarded the email. If you must forward on emails, be sure to remove any email addresses or notes that already appear. Also, send the forwarded email as a blind carbon copy, and remind the recipient to remove your name before forwarding on.
Image courtesy of sxc.hu/hoefi
Why Encryption is Important to Emails
Encryption is possibly one of the most important things to remember in receiving an introduction to email security. Encryption of email is a tool used to ensure that both sensitive and personal information cannot be seen by anyone other than the intended recipient. Should someone not have the key to unlock the encrypted email, then the email will either arrive blank or as a jumble of letters and numbers. There are encryption programs that you can (and should) use to protect your information.
Email Security Measures Beyond Encryption
Once encryption has been covered, there are additional methods to ensure that your email is secure. You should never leave email open where other eyes can view it, nor should you open any email when someone else can read over your shoulder. Be sure that any email attachment you may open is both something you are expecting to receive and something that has been scanned with anti-virus software. Look into investing in digital certificates to avoid problems with email fraud. Unfortunately, forged emails are increasingly becoming a problem, especially for large companies. Use IMAP protocol rather than POP protocol when downloading your email to an email client. Finally, ensure that your spam settings are always being updated, to keep unwanted email from getting through.
Breach in the System: Fixing Email Security Holes
If you find a breach in your system, don't panic. It's time to do damage control – and major damage control. The first step is to ensure that passwords are as secure as they possibly can be – this involves ensuring that passwords contain a mixture of upper and lower case letters, numbers, and symbols. Second, you will need to find out what sort of information was compromised. Depending on the nature of the breach, a police report may need to be filed. Finally, make sure to invest in one of the email security programs that are available to avoid the same breach occurring in the future and perform email security tests.