Email security – Essential Guide

Email security is a priority for all businesses, with the growing threat of hackers, viruses spam, phishing and identity theft, as well as the need to secure business information.

Email security is a priority for all businesses, with the growing threat of hackers, viruses spam, phishing and identity theft, as well as the need to secure business information.

What are the different ways to secure your email and email users?

Email security is a multi-layered discipline which can involve using several types of security software and security technology.

As well as implementing security packages, good security practices and policies for your staff are also essential in securing your email communications.

Network security systems, that can protect the business as a whole, are also worth considering as these can help to block hackers and identity theft.

What email security settings should you use?

Make sure you use a spam filter, and scan your email attachments. Research has shown that nine out of every ten viruses that infect a computer reach it through an email attachment.

Instant messaging protection and email spyware protection are also available with many security software products, as are personal firewall tools, which come with the operating system and with many security suites.

Identity protection and content blocking can also go some way to help protect the user’s desktop, so ensure that these settings are optimised.

Can I encrypt my emails?

Lawyers and accountants are key users of email encryption software, which often comes as a hosted service or plug in module for Microsoft Outlook.

Email encryption technologies exist to protect individual sensitive emails. Software such as OpenPGP allows you to encrypt emails between the sender and recipient, to boost the security of the emails.

Email encryption uses a public key encoding system which has been termed military grade security because it is so hard to compromise.

What email security policies should I have?

Most businesses have trained their staff in the basic email usage rules and best practises, such as not opening emails from unreliable sources or clicking on web links in emails that you can’t trust for sure.

However, there are also other good usage policies that can help to secure your email and the business as a whole.

These include such things as using the bcc option with integrity, so that spammers do not get hold of large lists of names. Judicious use of the Forward and Reply All buttons are two other practises that can help to secure business communications.

It goes without saying that email and PC logins should be based on strong passwords, rather than ones that are easy to guess. Passwords should be changed regularly to maintain security, and never shared or displayed indiscreetly.

What security features does Microsoft Exchange Server have?

One of the most popular business email platforms, Microsoft Exchange Server has a number of built-in email protection features.

Among these are anti-spam and antivirus, as well as additional integrated filtering and multi-engine scanning capabilities, deigned to provide advanced protection.
 
The email platform also has compliance controls, to help firms meet legal and regulatory compliance requirements.
 
Exchange Server 2007 now has some confidential messaging components which will encrypt internal and Internet-based messages to help protect the confidentiality of those messages in transit.

Email Security Resources

  • Microsoft Exchange Server
    The popular Microsoft Exchange Server 2007 messaging platform has encryption, antvirus and anti-spam security features incorporated into the software.
  • Microsoft Exchange Hosted Encryption
    Microsoft has a hosted Internet-based encryption service for Exchange users. Microsoft Exchange Hosted Encryption provides policy-based encryption from sender to recipient with no end-user training or software installation.
  • Sophos PureMessage for Microsoft Exchange
    Sophos PureMessage for Microsoft Exchange is part of the vendor’s email security and data protection line and blocks spam, viruses, spyware and phishing. It scans all inbound, outbound and internal email and Exchange message stores.
  • Symantec Mail Security for Microsoft Exchange
    Symantec Mail Security 6.0 for Microsoft Exchange is a high-performance, integrated email security suite, offering protection against virus threats, spam, and security risks while enforcing internal policies on Microsoft Exchange 2000/2003/2007 servers.
  • Websense Email Security
    Websense Email Security provides email protection by blocking inbound and outbound email threats at the network gateway. It also guards against blended threats, offers granular policy control and reporting; and protects confidential data within email and attachments.
This was last published in July 2009

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Antivirus, firewall and IDS products

Join the conversation

5 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

We do employ spam filters and blocking of certain email attachments at my company. Also, everyone gets the occasional reminder to look out for phishing emails.

Regardless, the security team recently did a test by sending all employees a realistic looking email (something about shopping; we do have a corporate perks program from which you can sometimes get emails about deals, etc), but from an unknown address. Over 100 employees clicked on the link. So I guess that we still have a way to go as far as education. 
Cancel
It's a huge problem and our spam filters barely keep up. We need the public contact and we ask for the PR contacts, so there's a constant danger that we've tweaked everything too tight (and perfectly valid emails get flagged) or we loosen the screws too far (and all the junk flows through).

We make a point of updating our spam filters regularly with new black lists. And we try to always communicate internally. Whenr an email from some overly-generous prince happens to slip into the system, we make sure that everyone knows it's there and a threat That ongoing internal communication has been especially effective at stopping viruses before they spread.
Cancel
It's a huge problem and our spam filters barely keep up. We need the public contact and we ask for the PR contacts, so there's a constant danger that we've tweaked everything too tight (and perfectly valid emails get flagged) or we loosen the screws too far (and all the junk flows through).

We make a point of updating our spam filters regularly with new black lists. And we try to always communicate internally. Whenever an email from some overly-generous prince happens to slip into the system, we make sure that everyone knows it's there and a threat That ongoing internal communication has been especially effective at stopping viruses before they spread.
Cancel
Structural sanitization of email messages and attachments to prevent macro malware and ransomware should be added to the list.
Cancel
@Abby - thanks for sharing the experiment and the outcome. A great example of implementing a feedback loop.
Cancel

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close