Become a Partner
Back to Resource Center

E-mail security in the workplace

E-mail security in the workplace

E-mail is the most important communication method in business. Today, e-mails have the same legal status as paper documents. But the use of e-mail entails the necessary risks for SMEs.

SMEs that do not have their e-mail security in order are particularly at risk. Are your company’s e-mail servers insufficiently secured? Then this can have major consequences for your company.

What are the risks of poor e-mail security?

If your company’s e-mail security is not in order, it poses a major risk to your company. Spam e-mails, phishing e-mails and spoofing are terms that may be familiar to you. These are techniques used by cybercriminals to enter your systems via your company’s e-mail server, to cause damage or to steal data, often for financial reasons.

Spam e-mails are not only a nuisance, but they can also be very harmful. For example, if an employee clicks on a link in the e-mail or opens an attachment, malware (malicious software) can be installed.

In the case of phishing e-mails, employees are redirected to a fake website, such as a website that looks identical to that of a bank.

With spoofing, criminals have managed to get into your e-mail server and send e-mails from your company name, such as spam. In addition to financial damage, you also incur reputational damage.

It goes without saying that poor e-mail security can wreak havoc. Not only can import data from your company be stolen, but cybercriminals can steal money. Your company’s reputation is also at stake.

E-mail security is required by law

Business e-mail security is not only a necessity to avoid the consequences of internet crime. As a company, you have a legal obligation under the General Data Protection Regulation (GDPR).

The AVG is a European regulation that obliges companies to handle the privacy-sensitive data of customers and relations with care.

It goes without saying that if you don’t have your e-mail security in order, cybercriminals have much easier access to confidential data. With good e-mail security in the workplace, you meet the conditions stated in the GDPR.

How do you ensure business e-mail security?

There are various methods to ensure business e-mail security. We list several security options with which you can improve the e-mail security of your company.

E-mail encryption

A commonly used security method is e-mail encryption, i.e. encrypting all e-mails sent from your company.

E-mail encryption ensures that the text in an e-mail message is encrypted and converted to plain text. The recipient receives a so-called digital key to decrypt the message. E-mail encryption is done via a protocol that most companies and e-mail software programs use.

Set a strong e-mail password

Each e-mail account has a unique password that only the creator knows. You will be surprised how many companies and employees choose an easy password.

A good password has at least 12 characters and consists of upper and lower case letters, numbers and symbols. Do you want a strong password, but you have no inspiration yourself? There are digital password generators these days. Not only individual e-mail accounts must be provided with a password, but this also applies to the e-mail server itself.

Incidentally, a good password does not only apply to e-mail accounts and the e-mail server. Every employee must have a good password to log in. Ensure a screen is locked when the PC or laptop is not in use. In this way, unauthorized persons cannot physically use the PC if the employee is not there for a while. This prevents unauthorized access to e-mail accounts via unattended computers.

Set up an e-mail gateway

Prevent e-mails entering your organization from reaching the recipient directly, so you can delete malicious e-mails before they reach an employee. This can be done by installing an e-mail gateway on your e-mail server. All incoming e-mails are scanned for spam or malicious attachments. These e-mails are, as they were, set aside and do not enter the organization.

Set up a Sender Policy Framework (SPF).

In addition to checking incoming e-mails with a gateway, it is a good idea to check outgoing e-mails. Why? Because you can become a victim of spoofing, where your e-mail addresses can be used for spam, for example. A Sender Policy Framework (SPE) checks whether the person sending the e-mails is authorized to use the address. This also prevents your company’s e-mails from ending up in the spam box of the recipient.

Create awareness among employees about the risks

No matter how many technical gadgets you build into your e-mail systems, ultimately it is your team that poses the greatest risk to e-mail security. Spam e-mails do not open by themselves. This requires human work and people make mistakes.

Creating awareness among your employees is, therefore, very important. Offer your employees training on cyber security and how to use e-mail safely.

Guardey raises awareness of cyber risks. This is so that your employees recognize spam and phishing e-mails, for example, and damage to your organization is prevented.

Enter an e-mail policy

In addition to training, the introduction of an e-mail policy can raise awareness. With an e-mail policy, you place a lot of responsibility on the employee. For example, the e-mail policy states that it is prohibited to deliberately visit suspicious or unreliable websites or to send spam e-mails.

An e-mail policy is a big stick for employees to consciously e-mail. While policies vary by company, you can take a default e-mail policy and make specific adjustments to it.

Are you curious about what Guardey can do for your company? Start now completely free with Guardey and try it out for 14 days or schedule a demo if you want to learn more about Guardey.

Frequently Asked Questions

I already have a firewall, do I still need Guardey?

Relying solely on a firewall for cyber security leaves your organization vulnerable to evolving and sophisticated threats. Cyber attacks target multiple vectors, including vulnerabilities in software, employee endpoints and web applications. Guardey works in conjunction with the firewall.

Firewalls keep out up to 80% of online risks. With Guardey, it is transparent which online risks did make it through the firewall. In addition, human errors are still too often made, so also train employees to work responsibly online.

I already have a VPN, do I still need Guardey?

It’s good that you are already using a VPN. This makes you invisible to malicious people, but at the end of the day, employees can still be vulnerable by bringing in the wrong orders or wrong websites.

Guardey is more than a business VPN. Guardey also provides monitoring in the VPN tunnel. This detects online risks and allows a quick response.

We are too busy for weekly gamification. Why should I play the gamification?

These days we are all busy, we recognise that 😉 All the more important is employee awareness. Make sure employees don’t accidentally make mistakes due to pressure. After all, that only creates extra work.

That’s why our challenges are only a maximum of 5 minutes and can be done quickly in between. A new challenge becomes available every week. As an organisation, do you want to play these challenges every week, every two weeks or every month? Of course, that’s no problem either.

Can I also play just the gamification?

Short answer: yes! It is possible to play just the gamification.

Have you already taken sufficient cyber security measures for your employees in the office and outside the office? But can awareness still be worked on? Then you can also play just the gamification. This can already be done very easily in just the browser. Check out our game only package here.

Is Guardey effective against phishing attempts?

Phishing is especially dangerous when you don’t know you’re dealing with phishing. That’s why our cyber awarness game is the first step against phishing. Make people aware of the dangers and make sure they have the right knowledge so they don’t click on anything.

Further Guardey plays a crucial role in detecting suspicious online activities. For instance, if a member of your organization interacts with a website known for hosting phishing content, Guardey will promptly alert you about the potential risk. By providing this proactive alert system, Guardey aids in preventing users within your organization from falling prey to phishing scams.

Want to ask more questions?
Get a personal demo

Get the latest resources & news, delivered directly to your inbox.

Anouk ter Harmsel

Let's protect your business!

  • Try completely risk free
  • 24/7 support
Start 14-day free trial