Our lives are run through email. Not only does email manage our professional activities, but it follows us home as well. We use it as a form of online ID. We build a profile of ourselves in our inbox with each subscription and service we link. No longer are we simply sending communications to one another. We are crafting an epicenter of sensitive information that is fully readable and entirely unprotected.
For the amount of information entrusted in email, it is not surprising that it is the number one platform where privacy breaches occur. Organizations such as Canada Revenue Agency, healthcare providers and law firms are hyper aware of the risk of transmitting sensitive data over email. Yet, the majority of Canadians are not.
Emails are like Postcards:
Sending a postcard is very different than sending a sealed letter or certified mail. Postcards have your message written directly on the piece of mail, with no envelope to cover it. Anyone who comes in contact with a postcard can read the message before it arrives to the addressee.
Like a postcard, an email sent over SMTP (the standard protocol for email delivery) remains in plain text. The entirety of the email – from the subject line to the body of text, to your IP address and location information – is completely available to prying eyes, Internet service providers and malicious hackers.
Having a strong password does not guarantee the safety of email accounts. Hackers can work from the inside, sending out phishing scams disguised as promotional emails that contain weaponized
attachments. It is estimated that one in every hundred emails is a threat.
Advanced encryption may sound like a viable solution. However, a standard SMTP protocol is incapable of carrying out the encryption. So metadata that appears to be protected through this procedure never truly is.
3 steps to Securing Your Email Communications:
- Share data through secure and encrypted Cloud File Sharing Applications:
Sharing sensitive data safely is made possible by the use of cloud-based file sharing apps and inter-office messaging apps. These applications offer an encrypted solution to traditional
- When you must send emails use the webmail client:
Webmail or “web-based email” is an email client that runs on a web server. Rather than attaching your metadata to the device you are using, webmail ensures that it remains attached to the
server that you are using. This neutralizes the risk of operating on an insecure, susceptible device.
- When receiving emails, be weary of attachments / links:
The most common form of attack is when an unsolicited email is opened. In mere seconds, an intruder can access an entire
Not all of these emails are obvious deceptions. Some can closely mimic the appearance of colleague communications or a legitimate corporation. Anyone can fall victim to these scams.
The best way to protect yourself from an unwarranted incident is to take a moment to think before opening an attachment or
clicking a link.
If you receive an email providing shipping confirmation for an order of supplies, look to verify if is from a store that your company usually orders supplies from. If you don’t recognize
the name of the store, it could be fraudulent. Look carefully at the sender’s address. Sometimes they can appear very close to that of an authentic company, but with a minute misspelling or
Email-based attacks continue to evolve and it is up to users to remain aware. Keeping in mind at all times that email is not safe can help to curb the divulgence of sensitive data and improve your company’s approach to security. Better habits, coupled with the use of cloud-based alternatives, can solidify a safer workplace and safer data.