5 Email Security Tips to Protect Your Small Business

By SmallBusinessComputing Staff | Posted March 15, 2011

Email has changed the way we communicate -- for better and for worse.  As businesses rely more and more on email communication, small business networks become more vulnerable to increasingly sophisticated malware programs, including computer viruses, worms, trojan horses and spyware.  Ignore small business security at your peril.

Small business owners and managers must examine what's at risk when they communicate sensitive data over email.  In most cases, it is network data and the business itself.  Data loss can create a financial and operational burden that can harm your business. Conventional firewall and antivirus solutions are no longer sufficient protection from current threats, which means it's critical to keep up with continually evolving security technologies and business practices. 

Small Business Email Security Appliances and Services

From high-end software solutions to network appliances, the number of email security options for small businesses is growing.  By separating email servers from applications and storage servers, small business owners can safeguard their organization from email attacks. 


email security

Additionally, you can maintain security measures primarily via automatic updates. This reduces maintenance costs and makes it simple, cost-effective and efficient to employ a separate security appliance.  Alternatively, many businesses are moving to hosted email security services, which are transparent to employees and lets management focus on other matters with the assurance that the hosted service is keeping their email secure.

Email Content Filtering

Email security is a two-way problem -- data that leaves an organization via email can be as harmful as what comes in, so small business owners must take countermeasures to mitigate the effects of spam and malicious email content, and they need to monitor the data that leaves through the email gateway.  Highly regulated organizations such as financial institutions and healthcare providers -- or companies that contract with them -- face liabilities if employees send out sensitive client or patient information, such as Social Security and account numbers or confidential records. 

An increasing number of small businesses use email content filtering, which lets them block discrete attachments based on content, both inbound and outbound.  Content filtering can help companies remain compliant with corporate governance or industry requirements, such as the Sarbanes-Oxley Act (SOX), which regulates companies’ audit and management standards.

5 Tips for Email Security Best Practices

Sophisticated hardware and software aside, the most powerful component of an effective email security solution is a community of informed and compliant employees with knowledgeable leadership.  Training employees to avoid risky behaviors is the first step, but there are other practical steps to improving email security:

  • Implement an email archiving system that can recognize email that is consistent with your corporate culture, regulatory requirements and industry  
  • Specify policies and controls regarding what can be stored on user desktops and laptops, so you can control and protect important data.  Further, empower your network administrators to enforce those policies by giving them the tools to do so
  • Be sure all key departments within your organization, such as legal, IT and HR, understand the policies; require them to sign off on your email filtering, retention, retrieval and analysis policies
  • Keep the big picture in mind. Staying attuned to how threats and anti-threat solutions are evolving, will better prepare you to identify problem areas for your business and to take the necessary steps to guard against them.  If you don’t think you have the time to monitor these threats, lean on a trusted technology partner who does. And remember -- the investment is worth it
  • It cannot be said enough:  educate your staff.  By teaching them how to prevent the spread of viruses and worms via email attachments and phishing scams, you are investing in your organization’s overall well being.  Make sure all employees are educated against opening spam or emails from unknown senders.  Reiterate this policy frequently.  Do your research.  Talk to other small businesses and see what is and is not working for them.  Get your budget approved and do the necessary leg work -- you won’t regret it

In a society where instant communication is the norm, it is easy to take email for granted -- but there is no excuse for shortcuts when it comes to security.  Take advantage of the available solutions, and encourage your network administrators to enforce security policies -- you, your employees and your clients will be happy that you did.

Chad Morris is a security specialist at CDW.

Small Business Computing is on Facebook. Join us on Facebook and interact with the site's editors, post messages, share your small business challenges and successes, discuss technology and suggest topics you'd like covered on Small Business Computing.

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!


Comment and Contribute


     


    Get free tips, news and advice on how to make technology work harder for your business.

    Submit
    Learn more
     
    You have successfuly registered to
    Enterprise Apps Daily Newsletter
    • webcast video
      Microsoft Publisher Tips This video shows you how to create great-looking business brochures with Microsoft Publisher 2003.
    • webcast video
      Photoshop Tips In this video, we show you how to improve on or eliminate ugly and unwanted backgrounds.