Best practise for sending mail securely

Most of us rely heavily on email to communicate with our customers, partners and with each other at work. But e-mail is unfortunately also often the way a hacker uses to gain access to a company’s data, as a result of an employee having made a mistake. Having a good practice for using an email client is therefore crucial to having a safe email.

This blog goes into depth about how to have good email practices – that is, having some secure workflows when using an email client to send or receive email

Did you know that 91 % of all cyber attacks begin with a phishing email?

A bad email practice can lead to compromising personal information and company data. Here are some of the most common mistakes made:

• Errors in the recipient selection: Errors are made in the recipient selection, which leads to sending information to the wrong people via email, and thus risks exposing information. In this connection, one should be careful when using the CC field, the BCC field and “Reply all”. A mistake here could send a private email and/or your customers’ names and email addresses to thousands of people.
• Involuntary receipt of data: We do not allow people to send you personal and sensitive information in a secure manner. This results in people sharing personal and sensitive information with you via email, whether you have asked for it or not. This means that sensitive data accumulates together in the inbox, where you typically do not have data protected.
• Failing to delete mail: You fail to delete mail in the inbox or outbox. Many of the e-mails you have received or sent over the years contain personal information. If you store them for too long, it may be in violation of the GDPR and own policies on the protection of personal information.
• Lack of security: People are so comfortable using e-mail that they don’t think about the risks. One may not see the need to check whether emails are properly protected or consider whether it is even appropriate to send certain information in an email.
• Work emails are not private: The boss and others who are authorised have access to monitor and read each employee’s work email. This can expose people’s personal information more than necessary.

These errors are indicative of poor email practices and emphasise the importance of being careful when emailing.

Even the most careful users can fall prey to common email security flaws. Be aware of these pitfalls:

1. Double-check the recipient field before sending: Always be careful to check who is in the ‘To’, ‘CC’ and ‘BCC’ fields before sending an email. This is especially important when sending sensitive or confidential information. Consider using the email program’s features to warn when sending outside your organization or to large groups.
2. Be careful with “Reply All”: Educate employees on the correct use of “Reply”, “Reply All” and “Forward”, and emphasize potential consequences of misuse.
3. Create secure communication channels for sensitive information: Encourage customers and business partners to use secure platforms designed for exchanging sensitive data instead of regular emails. Consider implementing a secure form or secure email portal on the company’s website where people can send you personal information securely.
4. Regular cleaning and deletion of emails: Set up regular reminders to review and clean up your inbox and delete old emails that are no longer needed. Apply automatic policies to delete emails after a certain period, especially those containing personal data, in accordance with GDPR.
5. Phishing attempts: Learn to recognise suspicious emails. Phishing emails can look convincing and often ask for sensitive information or pressure you to click on malicious links.
6. Too much information: Be careful about how much personal information you share over email. Cybercriminals can collect this information and use it for identity theft.
7. Attachments: Do not open attachments or click on links from unknown or suspicious sources. Even emails that appear to come from acquaintances can be spoofed.