by Karl Jacobs, CEO of Cloudmark
Email security is becoming a critical concern for small businesses today as email infrastructure is under constant attack from spam, viruses and fraud attacks. Spam, known as unsolicited e-mail, has become the single largest nuisance for Internet users with an estimated 45% of all email being defined as spam, costing business world-wide a total of $20 billion a year in lost productivity and technology expenses, according to the Radicati Group, a market research firm in Palo Alto, CA.
The need for small businesses to eliminate spam and fraud is just as critical as it is for large enterprises. Spam and viruses rank as the top two security breaches for small and medium sized businesses (SMB’s), with over 80 percent falling victim to security breaches, which lead to a major loss in business productivity (source: Yankee Group).
Following are a few critical tips from expert Karl Jacob, CEO of Cloudmark, to help your small business take that leap to a more productive workplace that is totally free from spam and phishing attacks even if you have minimal, or no IT staff. Don’t wait for an attack to happen before figuring out what to do. Fraudulent emails known as ‘phishing’ are on the rise, and you need to start now to reduce your business risk profile and develop response plans.
1. Educate employees on secure e-mail usage
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
Make sure your employees know to avoid filling out forms in email messages that ask for personal financial information. This affects all employees, especially those booking hotels, travel, human resources, purchasing department etc. Legitimate companies will not ask for this information via email.
Also, as website and email sender addresses are frequently faked, it is always safer for users to log directly onto the website address in your browser, or even call the company by phone. For example, a phishing email may open a near replica of a bank website and a pop up message will appear that directs the individual to “please confirm financial information”.
If one of your employee’s initiates a transaction that asks to provide personal or financial information through an organization’s website, ensure that they know to look for indicators that the site is secure, like checking the beginning of the web address URL for a website that begins https: (the “s” stands for ‘secure’) In addition, there are solutions available that will automatically ensure website links are legitimate, so that you don’t have to worry.
2. Be aware of “phishing” and make sure your employees are protected
For small businesses, now is the time to educate their users on how to spot a phishing attack.
Phishing is a high-tech scam that uses spam, pop-up messages or counterfeit websites to deceive users into disclosing your credit card numbers, bank account information, social security number, passwords, or other sensitive information. Some 3% of those targeted by phishers reveal personal information; according to a study released in April by research firm Gartner. The message may pop up while you are online or take the form of an email notification that says you need to update or validate your individual or company account information. These attempts can often be recognized through grammatical errors and general language that is improper for corporation-to-customer communications.
3. Protect your business from being ‘phished’
For small businesses phishing can be especially pernicious, putting owners and employees at risk of online fraud, identity theft and outright robbery. What’s more, phishing also threatens future operations as phishers’ scam email marketing, causing users to have less trust in email messaging.
A number of companies that have been stung by phishing scams are taking the opportunity to improve their communications with customers. Ensure that your business is engaged in stronger customer authentication on your Web site and outline how you customarily communicate with customers. Authentication on your website removes phishers’ profit motives and if they can’t abuse stolen passwords and identity information, they will stop stealing them. Other ways to protect your company is to use digital signatures to sign outbound mail and provide signature verification at the gateway or email client.
It is important to have a solution that protects your company from being phished not only for financial reasons but to re-assure your customers and maintain their trust in working with your company over email or via your website.
4. Let your employees have some control
Look for spam-filtering solution that let users go in and sort through their own junk, incase they have a particular mailing for example that they would like to receive and will feel empowered. Also, have a procedure in place so that users can report spam and you can in turn report it to your ISP or the Feds at FTC.gov. Although, such reporting is not necessary with solutions such as Cloudmark Exchange Edition, or Cloudmark SafetyBar which automatically protect users from fraudulent email crime before it happens and provide a ‘block fraud’ and ‘block spam’ button that you can click on. These solutions not only protect the individual but the entire community of over one million users and thousands of businesses.
Also decide how lenient you want to be when it comes to employees using your business systems for personal use. As your company grows in numbers, often internal spam, such as forwarding jokes for example can become one of your biggest spam problems.
5. Choose an email security solution that is right for you
SMB’s require a different type of solution, as typically small businesses do not have dedicated IT resources to support its infrastructure. SMBs often can’t afford the upfront investment in technology to help meet these challenges and should look to solutions that do not require an IT resource, are easy to use and are specifically designed with small businesses in mind.
Make sure your email protection is providing you with everything you need and protecting employees. If you aren’t happy with your current solution then consider trading up to something better. Depending on the email security solution (if any) you use it may be likely that you are receiving a growing amount of “junk” email (otherwise known as spam) on a daily basis. Researchers estimate that spam represents anywhere from 30-70 percent of all email traffic. However, there are now solutions available such as those from Cloudmark that are tailored for small businesses and are proven to stop over 98 percent of spam with zero false positives, protecting you from unwanted junk mail, fraud and all dangerous email threats. Email security products such as these will increase productivity by avoiding the annoyance of unwanted emails and protect your company from falling victim to email security breaches.
To find out more information on how to protect your small business visit www.cloudmark.com
About Author
Karl Jacob is currently CEO of Cloudmark, the company that delivers the immune system for email; Karl is a member of both the Anti Phishing Work Group (APWG) and Information Technology Association of America (ITAA) and a thought leader and visionary in the email security space.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
I have recently been working with a company who has become completely over run with spam due to poor education on email security and security in general. thanks for providing this it was a good read.