5 Ways to Improve Email Security

Emails popularity has been driven mainly by its low costs and ease of use. However from an IT perspective email infrastructure is quite vulnerable to a number of threats.

Such threats include:

  • Viruses such as worms and Trojan horses that enter networks via email
  • It is estimated that 60% of email traffic is now unwanted spam
  • Emails are being utilised more by criminals intent on obtaining your sensitive personal information through phishing attacks

Understanding the following elements will greatly assist you in ensuring your email system is stable and secure.

If you have been identified as a spammer your email server is listed on various ‘blacklists’ that may prevent your emails being received by the intended recipient. Note: If you have inadvertently been added to a blacklist you can appeal to have your mail server removed from the list. Check your status at www.blacklist.com (you will need your IP address).Spam: Early spam filters were based on finding keywords such as “free”, “Viagra” and other unprintable words. This method was very inefficient and easily defeated by spammers. As a result newer filters incorporate a second filtering level called a reputation filter. This reputation filter basically searches a database of more than 100,000 networks looking for mail servers with poor reputations.

Viruses: It is estimated that 90% of viruses are designed to generate spam. The virus leaves behind a program that covertly takes control of the computer and secretly sends out spam.

Virus protection is primarily done in two ways. Firstly it uses ’signatures’, a series of identifiers that search for known malicious attachments. This is generally not sufficient as virus programmers just create a new variant virus which takes anti-virus vendors time to identify, isolate and put measures in place to stop.

The second method is via an additional filter that looks for certain anomalies in email traffic such as a zipped executable file (exe files launch programs) and quarantines them for a certain amount of time (this is the delayed delivery message you sometimes receive when sending outbound emails).

By scanning your outbound email you can prevent confidential information from exiting your organisation, this might include things like confidential client records or patented processes.Outbound Scanning: For many small businesses the major email focus is stopping spam and viruses from coming into the organisation but equally important is the protection of your IP (Intellectual Property) and regulatory compliance.

There are a number of rules that govern what can and can’t be emailed to your email list and penalties for non-compliance.

When looking to implement an email security solution there are numerous considerations including how you handle the 3 areas above. Often software based solutions (off the shelf products like Norton, Trend Micro etc) provide a quick and easy solution but fall down as they easily fall out of date and rely on the user to action changes and manage. Increasingly Small Businesses are turning to managed email security services (a.k.a. SaaS—Software as a Service) to minimise their risk.

Richard Kemp – Watts Price Accountants
E: richardk@wattsprice.com.au

The advice provided on this Article is general advice only. It has been prepared without taking into account your objectives, financial situation or needs.