Where To Start with Tips and More
A Guide to Email Security
In many sectors of society, the preferred method of communication is through email. Today, there are many threats to email security, and although email is very convenient and easy to use, these threats can compromise messages that we transmit and the attachments that we send. Every time you send an email, you face a lot of threats including the interception of messages, modification or origin or content, forgery of content or origin by an outsider, forgery of origin or content by the recipient, or the denial of massage transmission.
Sending emails with confidential or financial data can be done to people within your company or sent to people outside of your company. An unencrypted email can be monitored and intercepted in many ways. If this is the case, then your emails can easily be read, copied, and modified by unauthorized or malicious persons. These malicious users can empty your financial accounts, run charges on your credit cards, apply for loans, etc, using the personal data that they have retrieved from an email.
If people are able to gain access to your email in your network, then you will definitely allow malicious people to be able to copy emails that ask for sensitive information. This is known as phishing or fraudulent mails trying to persuade individuals to give up important personal information such as an account name or password.
Phishing emails look exactly like the original complete with company logo, color scheme, and format. The phishing emails can look like it is coming from a bank or an internet vendor asking for information. The name for this deceptive attempt to gain information through fraudulent means is social engineering. The links in the email are changed to the one used by the phisher. Immediate actions are demanded in the emails including logging on to your accounts. They will also let you enter passwords and account names into a web page created by the phisher himself. Below are some important things that can help prevent phishing and forgery in emails.
A service that controls and logs access to systems, resources, and applications that protects against unauthorized use is called access control. To help prevent unauthorized persons accessing your email messages sent to someone else on a network, the network has to be secured using passwords or account names.
Authentication can prevent disguised attackes. With digital signatures the emails are authenticated. Two ways to authenticate identities is through unilateral or mutual authentication. The two parties have to verify each other in mutual authentication. In unilateral authentication only one party verifies the identity.
The confidentiality and integrity of the email means that it can be transmitted secure without being modified in transit. Data in transit is protected by confidentiality while unauthorized modification is ensured by integrity.
Resource: read this article