Do you need to kill email?

As the primary way to communicate electronically in most businesses, many of us will receive hundreds of emails a day. This can throw up a number of problems.  It can be difficult to manage the sheer numbers or prioritize important emails.  Mailbox limits can be reached quickly and searching for information in emails takes longer with the more items in your inbox.  It is worth considering how you communicate both inside your business and with supplier, customers and other stakeholders to make sure its still the best for your business.

There are many suggested best practices for sending and managing emails.  Some that include automation (like using outlook rules and spam filters) and others that don’t (like protocols for CCing in colleagues).  Different things work for different people depending on which role they do and what company they work for.

Another solution is to try and move some of the communication to a different app.  There are many that try and offer a different way to communicate and collaborate with colleagues from google docs and office 365 to Slack, Yammer, Workplace (formerly Facebook at Work), Verse, Skype for Business.   And those are just a handful of whats available.

Email is not going away and there are still plenty of important uses, especially as a more formal way of communicating with people outside your company.  For many companies it will remain the best solution for internal communications, but there are now plenty of alternatives to consider.

Ransomware

Ransomware has been in the news recently after it has emerged that a number of UK Universities and NHS Trusts have been targeted.

It is a type of software virus, commonly known as Malware, which locks a PC or some of its content and then demands a ransom payment to regain access.  The most common ways ransomware can end up on your PC is via an email download (e.g. an attachment), or with a download from a compromised site.  These are often disguised to look like legitimate files.  Ransomware can also infect your PC through ports open for the internet, like ones open for RDP.

Once your PC is infected with ransomware, it can be very difficult to remove or circumvent.  Some ransomware can also encrypt mapped drives (anything named e.g. d:, e:, f:, and k:), so could even affect USB or network drives. This could mean you lose access to all of your files, which could have a crippling effect on a small business.  Paying the ransom is not advised, as there is no guarantee you will get your data back, and there are very few legitimate ways to recover the data.

Having a solid prevention plan is the best way to avoid problems.  This should include:

Spam filter – filters out emails that it thinks contain malware.  No spam filter works perfectly, but it’s a good first line of defence

Firewall – a firewall may be able to detect any attempt by the ransomware to contact its server.  If it manages to disrupt this communication, the data can’t be encrypted

Anti-virus program – having reputable and up-to-date anti-virus software will protect your files, however malware gets updated and modified regularly, so it can be difficult for security companies to keep up

Regular Backups – If you are backing up regularly, you will be able to roll back to a version of files that weren’t infected with malware.  Having a robust backup plan is the best way to deal with the ransomware problem.

Most ransomware attacks are opportunistic in nature.  If you are careful about which files you open and have prepared a security plan, you should be able to avoid the trouble.

Is your online identity safe?

Finding out that one of your accounts has been hacked will cause huge headaches.  It can be just as bad if your passwords have been compromised by a data leak.  If you use the same login email and password for Salesforce as you do for your online banking then you could find yourself in even more trouble.

Passwords

The normal way for a system to check that you are who you say you are is for you to enter a user name and password.  If you don’t know the username or password you can’t access the account.  However, hackers have developed sophisticated ways to find out your password.

If your password is an English word comprised of six lower case letters then it can be cracked in seconds.  This gets more secure if you use a 9 digit password including lowercase letters, uppercase letters, numbers and symbols.  Using a full phrase as a password can be even more secure, especially if it is difficult to guess.  The stronger the password the more difficult it is too guess.

Ideally what you want to do is create individual, strong passwords for all your accounts.  Then if one of your passwords is hacked your other accounts aren’t as vulnerable.  Creating and remember secure passwords can be difficult.   An option is to use a password manager, like 1password, LastPass or mSecure, to set up very secure passwords.   You would need to make sure you had a very secure password for this though!

What is two factor authentication?

To keep applications secure, and make sure your data and identity is secure, many applications now allow two factor authentication.  This is also known as 2FA and 2-Step Verification.  This is a system that uses two different methods to verify your identity.

Usually they are different types of evidence.  Often it is your password and something else.  This can be something you know, like a password or passphrase, a memorable piece of information.  It could also be something you have, like using your mobile phone to receive a text or use an authentication app (i.e. duo or authy), or a bank security device like HSBCs secure key.    They could also be something specific to you, like your fingerprints or retina scans.

The more factors needed to verify your identity the more secure your account will be.  It will be difficult to hack into your account if you need to know your password and have your mobile phone.

You will be able to set up two factor authentication with most major applications, but you may need to navigate the settings menus to find the option.

Solution

Ideally you should have strong passwords or passphrases, different passwords for every account and have two factor authentication enabled where possible.  Even this doesn’t make you immune to a hack, but it will make it a lot more difficult for to access your accounts.