HP Tech@Work
Today's trends for tomorrow's business
6 steps to securing your email

6 Steps to Securing your Email

Is your company's email providing a tempting route for cyber criminals to attack your business? Hackers continue to target businesses with phishing attacks. Once opened, these malicious email messages can hijack an entire company's financial information and gain access to funds and personal information. Email is a business essential, but also an easy avenue for hackers to use and abuse.
How can you keep your business secure?

The human factor

Businesses of all sizes face vulnerabilities via email. When email accounts are hacked and compromised, cyber criminals can gain access to information including user names, telephone numbers, birthdates, passwords, and unencrypted security questions.
Email is a common entry point for hackers because it's an easy way to exploit the weak link in cybersecurity policies: humans. Employees rushing through their emails can easily click on a malicious link. No wonder that a recent survey reveals some 90% of cyber attacks initiate with email. [1]
Today, hackers are becoming more sophisticated than ever in their approach to email hacking. They've expanded from “phishing”—which tricks recipients into opening malicious emails or clicking on bad links—to now “spear phishing.” This new approach relies on emails that appear to be from a trusted sender, such as the company's CEO, a vendor, or the business's bank, in order to fool recipients. Companies affected by these attacks lost productivity, money, and intellectual property.

Email do's and don'ts

Don't wait for your business to be victimized before you take action. Taking a few simple steps can help shore up any email vulnerabilities your business may have. Here are the do's and don'ts to follow.
  • Do educate employees in the basics of email security. For example, remind them to pay attention to where an email came from before clicking on attachments or links. Cyber criminals excel at crafting legitimate-looking emails that appear to come from the IRS, banks, or health insurance providers. One clue to fraud is an email address that's slightly “off” (for instance, the letter “o” is replaced with the numeral “0” or the letter “l” is replaced with the numeral “1”). Grammatical errors, typos, and low-resolution logos are other warning signs. Explain to your team that financial, government, and law enforcement institutions do not request personal information or passwords via email. And teach them it's better to be safe than sorry: If an email from a familiar source seems strange, contact the sender to double-check its authenticity.
  • Don't make email your default communication method. Think twice about sharing sensitive data over email or attaching documents with sensitive information. Consider using cloud-based file-sharing services instead. (Make sure the service you choose uses appropriate security measures.) Send a link to the file and limit access only to those who need it.
  • Do require frequent password resets—at least every six months. Instruct employees how to create strong passwords and to keep them safe—not just posted on their computer or keyboard. Remind employees not to share their passwords with others. In case they give in to temptation, create an added layer of security by using PCs equipped with multi-factor authentication. Biometric identification such as fingerprints or facial recognition can provide additional security to reduce the risk of compromised emails.
  • Don't access your business email over public networks. While using a coffee shop's Wi-Fi to check your email is common for today's mobile workforce, it can put your business's data at risk. Public networks are vulnerable to hackers who can exploit your laptop or mobile device as an “in” to your business network. Set up a virtual private network (VPN) to use when accessing email outside the office, and enable two-factor authentication of your email accounts for times when a public network is your only option.
  • Do provide physical protection. Employees working on laptops in public places can expose email passwords to prying eyes. Shield your business from this risk by equipping notebooks with privacy filters. The HP EliteBook 1040 and HP EliteBook 840 feature HP's Sure View integrated privacy screen, which darkens at the touch of a button.[2] The HP WorkWise [3]smartphone app locks and unlocks your PC if you step away from it, and instantly alerts you if your PC is tampered with.
  • Don't forget to terminate email access as soon as an employee leaves the company. Even if a worker leaves on good terms, cyber criminals could discover the person's email password and use it to access your network. Shutting down former employees' email access protects against potential threats.

Better safe than sorry

Set and enforce strict email usage policies, enlist the right technology to protect your network, and you'll be able to rest assured you've done all you can to keep your business safe from email-based attacks.
[2] HP Sure View integrated privacy screen is an optional feature that must be configured at purchase expected to be available Q2 2017.
[3] HP WorkWise smartphone app is available as a free download on the Apple Store and Google Play.

Disclosure: Our site may get a share of revenue from the sale of the products featured on this page.

Disclaimer

Prices, specifications, availability and terms of offers may change without notice. Price protection, price matching or price guarantees do not apply to Intra-day, Daily Deals or limited-time promotions. Quantity limits may apply to orders, including orders for discounted and promotional items. Despite our best efforts, a small number of items may contain pricing, typography, or photography errors. Correct prices and promotions are validated at the time your order is placed. These terms apply only to products sold by HP.com; reseller offers may vary. Items sold by HP.com are not for immediate resale. Orders that do not comply with HP.com terms, conditions, and limitations may be cancelled. Contract and volume customers not eligible.

HP’s MSRP is subject to discount. HP’s MSRP price is shown as either a stand-alone price or as a strike-through price with a discounted or promotional price also listed. Discounted or promotional pricing is indicated by the presence of an additional higher MSRP strike-through price

The following applies to HP systems with Intel 6th Gen and other future-generation processors on systems shipping with Windows 7, Windows 8, Windows 8.1 or Windows 10 Pro systems downgraded to Windows 7 Professional, Windows 8 Pro, or Windows 8.1: This version of Windows running with the processor or chipsets used in this system has limited support from Microsoft. For more information about Microsoft’s support, please see Microsoft’s Support Lifecycle FAQ at https://support.microsoft.com/lifecycle

Ultrabook, Celeron, Celeron Inside, Core Inside, Intel, Intel Logo, Intel Atom, Intel Atom Inside, Intel Core, Intel Inside, Intel Inside Logo, Intel vPro, Itanium, Itanium Inside, Pentium, Pentium Inside, vPro Inside, Xeon, Xeon Phi, Xeon Inside, and Intel Optane are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries.

In-home warranty is available only on select customizable HP desktop PCs. Need for in-home service is determined by HP support representative. Customer may be required to run system self-test programs or correct reported faults by following advice given over phone. On-site services provided only if issue can't be corrected remotely. Service not available holidays and weekends.

HP will transfer your name and address information, IP address, products ordered and associated costs and other personal information related to processing your application to Bill Me Later®. Bill Me Later will use that data under its privacy policy.

Microsoft Windows 10: Not all features are available in all editions or versions of Windows 10. Systems may require upgraded and/or separately purchased hardware, drivers, software or BIOS update to take full advantage of Windows 10 functionality. Windows 10 is automatically updated, which is always enabled. ISP fees may apply and additional requirements may apply over time for updates. See http://www.microsoft.com.

HP Rewards qualifying and eligible products/purchases are defined as those from the following categories: Printers, Business PCs (Elite, Pro and Workstation brands), select Business Accessories and select Ink, Toner & Paper.