How safe is your email? More important, do you know what a "safe" email address would require, and what level of security it would provide?
Email-based security breaches don't make national news the way that corporate data hacks do, mostly because they don't affect consumer information the same way (in most cases). Personal abuses of email rarely hit the news either, since they occur on an individual level. One notable exception was the recent email scandal involving former Secretary of State Hillary Clinton, which brought national attention to the topic of "proper" email use.
Email security has evolved substantially in the past few years. Simple strategies that once established sufficient security entailed basic, practical tips like not opening email attachments from an unfamiliar source, but are these enough for today? Furthermore, what does the modern era demand from individuals who regularly employ multiple email accounts, both personal and professional?
If you don't know the answers, you should. In this article, we'll explore these ideas in two areas, though there will be some overlap: keeping your information safe and adhering to professional expectations.
Keeping Your Information Safe
There's no way around this: Information stored and sent over email is vulnerable. For example, if you post an email to your spouse with a banking password, anybody who monitors your connection (or gets into your account) can instantly retrieve it and gain access to your financial accounts.
Fortunately, hackers are lazy. They use automated processes to take care of most of the work, and prefer to go only after easy targets. If you can avoid making yourself one of those, you'll dramatically reduce your risk of suffering a breach.
How can you do this? The following best practices are a must:
- Don't open attachments in unfamiliar emails. This should be a given by now, but email attachments are still a popular way to circulate malware. All it takes is one click, and you could download harmful spyware. Only open attachments from familiar sources!
- Don't click on suspect links. If a link looks hidden, or if it comes from an unfamiliar source, don't click it. It might take you to an unspecified location and possibly inject malware into your machine when you attempt to download the page. Be aware of any discrepancies in links that look mostly but not entirely familiar, such as "Amaz0n" instead of "Amazon," and any shortened links.
- Pick a strong password (and change it regularly). This is crucial. A weak password is one that can be easily guessed, so come up with a password that has upper-case letters, lower-case letters, numbers, and symbols, and make it unrelated to your personal life. Then, change the password regularly to increase your security even further.
- Avoid unsecured WiFi. Unsecured Wi-Fi connections are open invitations to cybercriminals. They can gain public access to the system, and view any traffic you send or receive; which basically means they've gained access to your account. Always secure your home network, and be extra cautious when using unsecured public WiFi.
- Avoid sending unnecessary personal information. One type of scam, phishing, involves goading a user to send personal login information--usually under the guise of a communication from an official but familiar company. As a general rule, it's best to avoid sending any personal information over email (unless you absolutely have to).
Adhering to Professional Expectations
The line between "personal" and "professional" seems to become finer every year. As a point of reference, 68 percent of workers under the age of 30 think it's normal, even a necessary part of the job, to check work email from home.
This isn't a free license to use your work email however you'd like, though, and whenever you'd like. In fact, using your professional email account the wrong way could end up getting you fired.
So what are the expectations for professional email use? These can vary, but take the following as general guidelines:
- Don't use your personal email account for work purposes. This includes using your personal email account on the job as well as sending company documents to your personal account. The former is important because your employer has a right to monitor all traffic to and from your machine, which can leave your personal email exposed and reveal your use of it on company time (though, admittedly, many contemporary businesses are relaxed about this). The latter is important because your company could take legal action if it suspects you of corporate espionage or misuse of sensitive in-house information.
- Assume all your professional emails are monitored. Your company has a right to see everything you send and receive on your professional account. Assume that all your emails are monitored, and refrain from sending anything you wouldn't be comfortable with your boss seeing.
- Keep your email accounts on separate devices. This can feel like a bit of a pain, since most of us have gotten used to devices that store multiple email accounts, but if you want to play it as safe as you possibly can, maintain your work and private emails on separate devices. Technically, your company could seize and wipe any device that has company email data on it. Plus, this will help you avoid crossing lines accidentally.
If you want to protect your personal information and keep your job, you need to understand fully the best practices for both these key areas of email security. You don't need a fool-proof firewall or a full IT team to keep you in the clear; as you've seen, in most situations a little extra care and attention is all you need to stay professional and secure.