A Guide to Email Security
In many sectors of society, the preferred method of communication is through email. Using email is an easy and cost-efficient messaging solution but businesses must take care to protect the data they transmit both in the body of the message and the attachment it carries. Every time you send an email, you face a lot of threats including the interception of messages, modification or origin or content, forgery of content or origin by an outsider, forgery of origin or content by the recipient, or the denial of massage transmission.
Many times we send email that contain confidential or financial data to people within our company or sometimes even to people outside the company. An unencrypted email can be monitored and intercepted in many ways. If this is the case, then your emails can easily be read, copied, and modified by unauthorized or malicious persons. These malicious users retrieve someone’s personal data and with this he can do a lot of bad things like emptying the victim’s financial accounts, run charges on existing credit cards, apply for loans, credit cards, services or benefits in the victims’ name, etc.
If email is monitored on a network, potential threats to recreate email from a company asking for sensitive information is allowed. Fraudulent mails or phishing as it is common called asks for personal information and other important data.
Phishing emails look exactly like the original complete with company logo, color scheme, and format. The phishing emails can look like it is coming from a bank or an internet vendor asking for information. The name for this deceptive attempt to gain information through fraudulent means is social engineering. The links in the email are changed to the one used by the phisher. You can be asked to log on to your account and other immediate actions that they demand. Phishers create web pages where you will be asked to enter your account name and password. If you want to prevent phishing and forgery happening to your emails, then take note of these important things.
There is a need to control and log access to systems, resources, and applications and protect against unauthorized use. To help prevent unauthorized persons accessing your email messages sent to someone else on a network, the network has to be secured using passwords or account names.
If you want to be protected from disguised attacks, authentication is important. The use of digital signatures is one integral mechanism for this service. You can authenticate identities with the use of unilateral authentication or mutual authentication. In mutual authentication, both parties verify each other. In unilateral authentication only one party verifies the identity.
The confidentiality and integrity of the email means that it can be transmitted secure without being modified in transit. When data is in transit, it is protected from unauthorized modification through confidentiality and integrity.