Your email account is a gold mine for hackers. And yet many people still aren’t taking basic precautions to secure their accounts. Here are five essential steps for safe email.

Hacks are surprisingly commonplace. In 2014, for instance, nearly half of all American adults had some form of data stolen from corporate servers in a 12-month span, according to CNN. Credit cards, telephone numbers, and login credentials are falling into the hands of bad actors who can use that information to access linked accounts.

And that is just one way hackers can work their way into your most private information. Whether you’re trying to secure your personal correspondence or lock down trade secrets, these five rules for email safety can save you from some of the most common and preventable hacks.

 

Always enable Two-Factor authentication

Using two-factor authentication (2FA) is a simple but powerful security measure. It ensures that even if someone has your password, they still need something else before they can get into your account. That something else may be a variety of things, from the answer to a secret question to a fingerprint. Some forms of authentication, such as SMS or email verification, are less secure than others. Be sure to choose an email provider with safe 2FA.

You can find ways to configure 2FA or MFA for Outlook and/or OWA at the links here:

 

Take password security seriously

Everyone says this, but it doesn’t appear to be sinking in. A recent Google study found that the most common passwords are 123456, password, and 123456789. If you’ve got unhealthy password habits, we recommend using a password manager like 1Password, which helps you create a different, strong password for each of your online accounts. (Make sure you use the encrypted backup feature.) Your passwords should be at least 16 characters using a mix of numbers, letters, and punctuation. In this way you can fend off brute force attacks. Avoid writing down your passwords, and never share them with anyone. Never re-use passwords between different accounts.

Crackers use different dictionaries: English words, names, foreign words, phonetic patterns and so on for roots; two digits, dates, single symbols and so on for appendages. They run the dictionaries with various capitalizations and common substitutions: “$” for “s”, “@” for “a”, “1” for “l” and so on. This guessing strategy quickly breaks about two-thirds of all passwords.

Recent password breaches at sites like Adobe have shown how insecure many of our passwords are. Here is a list of the most common passwords that turned up in the Adobe breach. It probably goes without saying: Avoid using these passwords.

123456
123456789
password
admin
12345678
qwerty
1234567
111111
photoshop
123123
1234567890
000000
abc123
1234
adobe1
macromedia
azerty
iloveyou
aaaaaa
654321

If you’re curious whether your chosen password is secure or not, you can run it through an online password checker like the one at OnlineDomainTools. To highlight the importance of a lengthy, random, unique password, the online checker has specific fields to show your password’s variation in characters, its appearance in dictionaries, and the time it would take for a brute force attack to crack it.
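The following sketch is an added example, not code from OnlineDomainTools or from this article's sources. It reverses the guessing strategy described above (capitalization, substitutions, appendages) to test whether a password reduces to a listed entry, and compares that with a naive brute-force estimate. The `ROOTS` sample, the extra substitutions and the guess rate are assumptions.

```python
import string

# The most common passwords from the Adobe breach, as listed above.
COMMON = {"123456", "123456789", "password", "admin", "12345678", "qwerty",
          "1234567", "111111", "photoshop", "123123", "1234567890", "000000",
          "abc123", "1234", "adobe1", "macromedia", "azerty", "iloveyou",
          "aaaaaa", "654321"}
# Constructed sample of dictionary roots; a real check would load full word lists.
ROOTS = {"dragon", "sunshine", "letmein", "summer", "welcome"}
# "$"->"s", "@"->"a", "1"->"l" come from the text; "0"->"o", "3"->"e" are assumed extras.
SUBS = str.maketrans({"$": "s", "@": "a", "1": "l", "0": "o", "3": "e"})
POOLS = (string.ascii_lowercase, string.ascii_uppercase,
         string.digits, string.punctuation)


def dictionary_root(password):
    """Return the listed entry this password is derived from, or None."""
    lowered = password.lower()                      # undo capitalization
    stripped = lowered.rstrip(string.digits + string.punctuation)  # drop appendage
    for candidate in (lowered, stripped,
                      lowered.translate(SUBS), stripped.translate(SUBS)):
        if candidate and (candidate in COMMON or candidate in ROOTS):
            return candidate
    return None


def alphabet_size(password):
    """Size of the character pool implied by the classes the password uses."""
    return sum(len(pool) for pool in POOLS if any(c in pool for c in password))


def brute_force_years(password, guesses_per_second=1e10):
    """Worst-case exhaustive search time; the guess rate is an assumed figure."""
    keyspace = alphabet_size(password) ** len(password)
    return keyspace / guesses_per_second / (365 * 24 * 3600)


def assess(password):
    """Dictionary derivation overrides any brute-force estimate."""
    root = dictionary_root(password)
    if root is not None:
        return f"weak: derived from '{root}'"
    if len(password) < 16:
        return "weak: shorter than 16 characters"
    return f"ok: about {brute_force_years(password):.1e} years to exhaust"
```

A password such as `P@$$w0rd1!` uses all four character classes and gets a brute-force estimate of well over a century at the assumed rate, yet it reduces to `password` and falls to the first dictionary pass.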

There are many tools on the internet for creating secure passwords. One of them is this one.

 

Use encrypted email

Corporate data breaches have affected millions of people. Hackers have gotten into the servers of some of the largest companies in the world, including Yahoo!, LinkedIn, and Tumblr, stealing passwords, phone numbers, and credit cards. Switching to an encrypted email service, specifically one with end-to-end encryption, provides a technical solution to this problem.

You can encrypt a single message or all outgoing messages with Outlook in this way:

  • In the message that you are composing, click File > Properties.
  • Click Security Settings, and then select the Encrypt message contents and attachments check box.
  • Compose your message, and then click Send.

When you choose to encrypt all outgoing messages by default, you can write and send messages the same as with any other messages, but all potential recipients must have your digital ID to decode or view your messages.

  • On the File tab, choose Options > Trust Center > Trust Center Settings.
  • On the Email Security tab, under Encrypted email, select the Encrypt contents and attachments for outgoing messages check box.
  • To change additional settings, such as choosing a specific certificate to use, click Settings.

For email encryption in Office 365, you can follow this link, or read my article about O365 message encryption.

 

Protect yourself from phishing attacks

Phishing is a common way hackers can gain access to your devices and accounts, and millions of people fall victim each year. Criminals send a legitimate-looking email asking you to click a link or download an attachment. The link may ask you to enter your password (i.e. send your credentials to the hacker) or automatically download malicious software.

Never download or click on anything from someone you don’t know.

If you want to know more about phishing prevention, you can follow this link to the people at PHISHING.ORG. They have written an article about 10 ways to avoid phishing scams.

Microsoft has also written an article in their Safety & Security Center, which I can highly recommend reading.

 

 

Protect your devices

Here is an easy way to hack into someone’s email account: Steal their phone while they are using it. Often the most effective hacks are also the most low-tech. Device theft is one. Keylogging software and other types of spyware are also concerns. Be aware of your physical security when traveling and in public, and always set a password for your device.

If you are using a public computer, don’t forget to log off!

If you are using Microsoft 365 Business, you are already well prepared to protect your devices. Microsoft has made a short video on this, which you can see below.

 

https://www.microsoft.com/en-us/videoplayer/embed/a5734146-620a-4cec-8618-536b3ca37972?pid=ocpVideo0-innerdiv-oneplayer&jsapi=true&postJsllMsg=true&market=en-us

 

But what about mobile devices like phones or tablets? The solution from Microsoft is Intune! But what is Intune?

Intune is a cloud-based service in the enterprise mobility management (EMM) space that helps enable your workforce to be productive while keeping your corporate data protected. With Intune, you can:

  • Manage the mobile devices your workforce uses to access company data.
  • Manage the mobile apps your workforce uses.
  • Protect your company information by helping to control the way your workforce accesses and shares it.
  • Ensure devices and apps are compliant with company security requirements.

How does Intune work?

Intune is the component of Enterprise Mobility + Security (EMS) that manages mobile devices and apps. It integrates closely with other EMS components like Azure Active Directory (Azure AD) for identity and access control and Azure Information Protection for data protection. When you use it with Office 365, you can enable your workforce to be productive on all their devices, while keeping your organization’s information protected.

If you want to know more about Intune, simply follow this link to the website.

 

 

Photo by rawpixel on Unsplash