By - Brittany Day
The COVID-19 pandemic has forced us all to embrace a 'new normal'. Companies have had to adjust operations, and many workers have been asked to work from home - either over a corporate network or a network tied to a cloud-based system like Office 365. While working remotely undoubtedly has its benefits in terms of safety, morale and decreased employee turnover, it has also brought on significant new challenges for businesses - one of the most serious being email security.
Email protection is important because of cyber threats like social attacks that target organizations via email. For example, phishing emails might trick users into giving up sensitive information, approving fake bills, or downloading malware that can go on to infect your company network.
Attackers are exploiting businesses’ increased reliance on frequently misconfigured cloud email and general lack of security resources and expertise, and are launching dangerous new email attack campaigns. Security researchers estimate that there has been a 600% increase in phishing attacks due to COVID-19, and the UK’s National Cyber Security Centre (NCSC) has released that 160,000 suspicious emails were reported over a 14 day period in June.
A successful phishing attack can have devastating consequences for businesses of all sizes including significant downtime, irreparable reputation damage and financial loss. Here are some actions that companies in all industries can take to safeguard their systems, their users and their data from phishing, ransomware and other persistent email attacks.
Implement a proactive, threat-ready cloud email security solution. Having a comprehensive, layered cloud email security solution in place that seamlessly complements default cloud email protection with critical additional security defenses is the single most effective step businesses can take to protect remote workers and sensitive data. Defense-in-depth is crucial in fortifying cloud email against advanced, emerging threats - the built-in security features provided to Office 365 and G Suite users alone are inadequate in safeguarding businesses’ key assets and reputation.
Think before you click! Take time to thoroughly evaluate each email you receive before clicking on links, downloading attachments or interacting with it in any way. For example, ask yourself: Does an order confirmation email you’ve received correspond to a recent purchase you have made? Do the sender and recipient addresses make sense? Does an offer seem too good to be true? If anything seems suspicious, make a phone call to the sender to confirm the legitimacy of the email. In a situation like this it truly is better to be safe than sorry.
Prevent infections with good cyber hygiene. What do computer viruses and the COVID-19 virus have in common? Turns out more than you may have thought. When it comes to safeguarding against email attacks and securing your systems, patching your operating system and applications is like washing your hands and not interacting with spam or phishing emails is like not touching your face. Implementing layered, threat-ready email protection that is capable of detecting highly evasive threats like fileless malware is akin to wearing a mask and keeping a six-foot distance from others in public. Fileless malware exploits trusted system programs, remaining undetected by traditional security software - just like an asymptomatic COVID-19 patient. Suddenly, the term “computer virus” seems more appropriate than ever.
Here are some email security best practices for staying safe online in this new remote work environment.
During this difficult, uncertain time and as we emerge from this crisis, it is more important than ever that individuals and organizations make email security a top priority in order to ensure that they remain safe in this time of heightened digital risk.