Top Three Email Security Tips
E-mail security is difficult.
The primary problem is that even if you take precautions to protect your end of the conversation, you can do little to secure the servers and clients in between and on the receiving end. For this, you need to ensure that all the servers in question are being scanned for security vulnerabilities from someone like Trust Guard. Honestly, there’s no way to make sure that is happening, as it requires access to everyone who visits your email profile. Some services like Gmail offer enabled-by-default encryption between your computer and their servers, but sending a message from one server to another is still often unencrypted.
1. Use an account from a major provider like Google, Microsoft, or Yahoo. Do they get hacked? Yes. Are they safer than most? Yes.
2. Use a strong password and two-factor authentication enabled. If your phone uses a fingerprint reader, take advantage of that added convenience by locking your phone with a strong alphanumeric password. Target a 12- to 14-character minimum, since shorter passwords are more susceptible to brute force attacks – the longer and more random the better. Two-step authentication (or 2FA) means using a combination of multiple credentials to get into your account, usually a password and a six-digit code sent to your phone or generated by an authenticator app.
3. For truly sensitive communications that you want to keep private, use Signal or WhatsApp or even Facebook Messenger’s “Secret Conversations” feature.
Delete old e-mails.
Another mitigating factor for the e-mail problem is message retention—someone with ten years’ worth of data to dig through is naturally going to reveal more about themselves than someone who only has six months of messages. Even free e-mail providers often give you so much storage space that it can be tempting to be a digital packrat and just keep everything, both for nostalgic reasons and just in case you ever need it for something. But the more communications you store, the more information that companies, law enforcement, and, most importantly, hackers have to track your wheelings and dealings.
Consider how important or sensitive your communications are, and consider how often you actually need old e-mails. Consider deleting e-mails at regular intervals—deleting things after one year or even six months can be a good way to start if this is something you’re worried about, and think about deleting unimportant messages even more frequently.
Encrypt your phones and computers that you use to access your email accounts.
Think of encryption as a massively complex decoder ring. When data is encrypted, it can only be accessed and read by a person or device that has the “key” needed to translate it back into its original form. It’s important to encrypt your communications, and it’s also important to encrypt the devices you use to access any sensitive data since that data can be stored on them locally whether you realize it or not. If the phone isn’t encrypted, it’s fairly easy to turn it on in the Security settings; protect the phone with a strong passcode afterward.
There are several ways to keep your emails protected from hackers. But nothing, it seems, is fool-proof for hackers that really, really want to access your email account. Still, it’s still worth it to use these strategies to make your personal and business information as secure as possible.