A truly bizarre presidential election will ultimately prove a benefit for better cyber & email security, writes Rob Martin.
‘You are the weakest link, goodbye!’ That’s a pretty harsh way to describe people when it comes to email security, but it’s true.
People really are the weakest link when it comes to security and never before has there been so much focus on email, servers, passwords and hacking attempts.
Like most people you’re still picking your jaw off the floor after an astonishing US presidential election when email was front and centre of the remarkably unexpected and bitter campaign.
Poor email security may have cost Hillary her dreams of being president. Every day it costs many people their jobs.
That’s the thing about out all is this; you and your company are just as likely to be hacked or targeted as Hillary Clinton, the DNC or any individual or organisation for that matter.
You don’t need to be famous to become a victim!
What the hackers were trying to do was take control of networks and data and personal information with sophisticated phishing tactics – two phishing emails were found on Hillary Clinton’s now famously unsecured server.
Regardless of their ultimate goals which may never be known, we can safely assume they sought control and influence of sensitive information – bad enough for a politician but a nightmare scenario for any business.
Arun Vishwanath, Associate Professor of Communication, University at Buffalo, State University of New York, recently produced a 5-point ‘checklist’ for better email security and cybersafety, or cyberhygiene as some people now call it.
The use of checklists in professions such as medicine or engineering where the likelihood of human error is high, is well-documented; applying this to your email security may save future heartache.
Among her suggestions for cyber safety, first published in The Conversation, are:
- Enable two-factor authentication (2FA). Most major online services, from Amazon to Apple, today support 2FA. When it’s set up, the system asks for a login and password – but then sends a unique numeric code to another device, using text message, email or a specialized app. Without access to that other device, the login is refused. That makes it much harder to hack into someone’s account – but users have to enable it themselves.
- Encrypt your internet traffic. A virtual private network (VPN) service encrypts digital communications, making it hard for hackers to intercept them.
- Everyone should subscribe to a VPN service, some of which are free, and use it whenever connecting a device to a public or unknown Wi-Fi network.
- Tighten up your password security. This is easier than it sounds, and the danger is real: Hackers often steal a login and password from one site and try to use it on others.
- Monitor your devices’ behind-the-scenes activities. Many computer programs and mobile apps keep running even when they are not actively in use.
- Never open hyperlinks or attachments in any emails that are suspicious.
Professor Vishwanath says that even when links appear to come from a friend or coworker, use extreme caution – their email address might have been compromised by someone trying to attack you.
Data breaches can be a disaster for large and small businesses, affecting the company’s reputation and its relationships with customers.
Just look at the flak Tesco received last month after its banking service was breached and money was taken out of the accounts of over 20,000 – or a tenth of all its customers.
Peace of Mind
Luckily, our customers can enjoy peace of mind with Groupmail – our email marketing software is designed for the customer’s complete control; the data lives on their own system, not ours.
That said, the checklist above is worth considering and it has some pretty sensible suggestions.
Nobody wants to be called the weakest link.