June 12, 2009 4 Comments
As TechRepublic writer Chad Perrin once noted in an article about email security tips:
“There’s a lot of information out there about securing your email. Much of it is advanced and doesn’t apply to the typical end user… When one can find end-user email security tips, they’re usually specific to a single mail client or mail user agent…”
His article goes on to outline some basic security tips that apply to all email users, but fails to remind people of the top rules of email security and protection.
We’ve outlined the top five rules of email security below. While many of these rules may seem like common knowledge, they create the basis for which all other email security and protection measures are built.
1. Email is not free.
Services such as Gmail deliver email to some people as a service without charging them a fee. But that does not mean that the service is free. Google harvests information about users and interests–even about the people who receive email from these services–and uses that information to sell advertising. If you conduct business through email this can be especially disconcerting because the Gmail End User License Agreement required to access their “free” services grants permission to Google to market to you and others. They will use the information in the emails to specifically target ads related to the content. The cost of “free” email is likely your information and list of recipients.
2. Spam can be beat (mostly).
Although not perfect, modern email applications and premium spam filters can achieve high levels of spam protection–often exceeding 99%. Remember two important things in this regard: spammers are a moving target, continually adjusting their techniques; the order of spam protections can be as important as the types of spam protections you implement.
3. Email lives forever.
It should be common knowledge by now, but it is worth repeating. Email lives forever and even the most thoroughly deleted and purged email thread should be assumed to have a copy or log existing somewhere that a clever IT professional can find a way to access.
4. Abuse detection is vital.
If you are running your own mail server, you should find one with various abuse detections on board. This includes features such as intrusion detection, throttling, connection blocking, harvest attack protection, and malicious script filtering, among others. It is also beneficial if the mail sever has an internal events/action/notification system in place to keep administrators informed in real-time.
5. Don’t forget viruses.
We place a lot of emphasis on spam protection. This is understandable because spam is arguably the biggest problem related to email and therefore virus attacks just do not get the media attention that they used to. But do not neglect on-board virus protection. Spammers want your money and information–virus creators just want to hurt you and your systems. It is the Web-world difference between a grifter and a sociopath.
This post was written by Tiffany D., a marketing and technical communications specialist for SmarterTools. If you liked this post, please consider subscribing to the SmarterTools Blog so you don’t miss an update.