5 email security basics for every type of business

Email security can be hard. While making sure your business infrastructure is protected from threats like phishing attacks, business email compromise and ransomware hits is a must, knowing how to lay the foundations for your email security framework isn’t as easy as it might sound.

Just one quick Google search for the ‘best email protection’ will highlight the amalgam of offers out there, all aimed at securing your posture in an ever-growing threat landscape. There are masses of products on the market, a sea of solutions to choose from, and reams of ‘best-practice’ advice. 

But stripping it all back, what essential building blocks should make up the foundation of your business’ email security posture? In this blog, we’ll cover the 5 email security measures every business should have in place.

1. Secure Cloud-Based Email Hosting 

In its simplest form, cloud-based email gives businesses the tools they need to send, receive, and store messages via the internet. Whereas in the past, email client software was installed on computers to send and receive email, cloud-based hosting enables this to be done via a browser. 

This means that businesses and users can access their email from anywhere, aren’t weighed down by servers, can easily recover lost data in an emergency, and scale up or down in line with their business. 

From a security standpoint, cloud email hosting is the way forward. Not just because of the ease of use it offers, but because most cloud-based solutions offer maintenance and essential security like DMARC, 2FA, and good spam filtering as part of the package. 

Two of the most popular cloud-based email vendors are Microsoft M365 and Google Workspace.

2. DMARC policy in p=reject

If your business uses email in any capacity to communicate with customers, employees, or suppliers (let’s face it, this is most businesses), then it’s absolutely essential that your DMARC policy is configured at p=reject.

DMARC stands for Domain-based Message Authentication, Reporting, and Conformance, a globally standardized protocol founded in 2012. When configured correctly at p=reject, it protects your domain against exact impersonation by building on the existing security protocols SPF and DKIM. This means bad actors can't send fraudulent or phishing emails that pretend to be you by impersonating your domain.

By implementing DMARC, you’re protecting your customers, employees, supply chain and brand reputation from the often devastating effects of phishing scams, spear phishing, business email compromise, ransomware attacks, and more. You’re also contributing to the improved security of the wider email ecosystem. 

But there are other, more business-focused benefits of implementing DMARC too, such as improved deliverability and better inbox placement. This is because by implementing DMARC, you’re telling recipient servers that your emails are coming from a valid source.

Then there’s Brand Indicators for Message Identification, or BIMI for short. Perhaps one of the most beneficial rewards for marketers, BIMI lets businesses attach their registered logo to any DMARC-authenticated emails they send. Not only does this boost brand impressions, but we found that showing a logo on an email positively impacts how the recipient interacts with it too.

As mentioned above, if you’re using a cloud vendor like Microsoft M365 or Google Workspace then good news, you’ll already have DMARC in place. But if not, then correct DMARC configuration is a must-do, both for the security and marketing benefits it provides. We won’t lie, though: white-knuckling the DMARC journey alone isn’t advised. It can be very difficult, and if done incorrectly, it can actually lead to more deliverability issues. That’s where our award-winning product OnDMARC comes into play, making DMARC configuration quick, easy and painless for everyone.


3. 2 Factor Authentication 

2 Factor Authentication (2FA) is essentially the practice of adding an extra layer of security to your email logins. It works by allowing an application to link your user to an authentication mechanism (i.e. an authenticator app). Each time it’s used, a unique verification code is generated and recognized by the application to confirm that your login is valid.

2FA is an essential component in the quest to keep email accounts throughout your organization secure. This is because it protects from account takeover, especially if and when passwords are reused and leaked.

4. Password Management 

There’s a password for everything nowadays. And while it’s never a good idea to reuse or share passwords across devices, having a different one for every application and recalling the right one in your moment of need can be really challenging.

So, a password manager does exactly what it says on the tin, securely storing the different passwords for your various accounts across the internet in one easy-to-access place. (That is, of course, unless you forget your master password for that too.)

We’ll admit, it’s not the most intuitive or high-tech solution to this seemingly universal problem. But until there’s a better approach, a Password Manager can be a useful way to ensure your passwords are secure and accessible. However, it’s worth remembering that while having a password manager is recommended, it’s never a substitute for 2FA. 

Google Chrome offers a free password manager, but there are also more advanced options like LastPass.

5. Spam Detection and File Scanning

While putting the right outbound email protection in place is vital, most businesses will also want to rest assured knowing there’s a sufficient layer of security identifying, mitigating and solving inbound email threats too.

That’s where Spam Detection and File Scanning solutions come in, examining inbound emails and attachments for all manner of threats. Most cloud-based vendors and more traditional SEGs offer these as part of their service. But if you’re not using one of these, it’s still an important extra layer to add to your foundational email security setup.  

Take the first step towards more secure email today

We hope this blog is useful in offering a straightforward run-down of the measures most essential for your business’ email security. To make a start on one of the most important steps today, sign up for your free OnDMARC trial below!

PUBLISHED BY

Sabrina Evans

5 Aug. 2021
