Email Security Guide for Entrepreneurs
The impact of the attack on Sony Pictures is gradually becoming clear. It is a reminder that operational security is critical to any company. Whether or not you transmit valuable data, it is silly to think that your server is safe enough or that your data has no value. You will be attacked, and it will cause losses.
One of the main targets of most cyberattacks is email. If your IT department and firewall work properly, the chance of a backend attack is extremely low. Such attacks may occur, but the most valuable information lives in your email records. Your employees hold their conversations over email. Your credit card numbers and passwords are stored in emails, and many damaging one-off files also show up in emails. In short, we are all far too trusting of email. However, there are ways to be less foolish about it.
Here are two steps you can take to make your company safer.
Delete your email
Although you may have many reasons to keep a large number of emails in your inbox, most of us can export this information after a certain amount of time. "There is important customer information in here!" you will say in your defense. However, this is not the case. You can store that information in a customer relationship management (CRM) system. "I have built a powerful folder and activity system!" you may say next. This is not the case either. You have a pile of emails. If you have to keep your email, export it to a searchable database, such as DevonThink, so that it leaves your email server. Are color-coded active folders really that important to you? Buy a notebook and write the information down. I have deleted 98% of my email. If an email is still there, it is either an accident or something I will act on within the next hour. Email records are mostly spam, but many of them contain information that hackers are interested in. Delete it.
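To decide what to delete or export first, a mailbox can be audited for old messages and for the card numbers and passwords mentioned above. The script below is an added example, not part of the original article; the 90-day cutoff, the keyword pattern and the sample messages are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta, timezone
from email import message_from_string
from email.utils import parsedate_to_datetime

CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")            # 13-19 digits, optional separators
SECRET_RE = re.compile(r"(?i)\b(password|passwd|pwd)\b\s*[:=]")

def luhn_ok(digits):
    """Luhn checksum: separates real card numbers from order ids and the like."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                                       # double every second digit
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0

def audit(raw_messages, now, max_age_days=90):
    """Return (subject, reasons) for each message worth deleting or exporting."""
    findings = []
    for raw in raw_messages:
        msg = message_from_string(raw)
        reasons = []
        if now - parsedate_to_datetime(msg["Date"]) > timedelta(days=max_age_days):
            reasons.append("stale")
        text = "\n".join(p.get_payload(decode=True).decode("utf-8", "replace")
                         for p in msg.walk() if p.get_content_type() == "text/plain")
        if any(luhn_ok(re.sub(r"\D", "", m)) for m in CARD_RE.findall(text)):
            reasons.append("card-number")
        if SECRET_RE.search(text):
            reasons.append("password")
        if reasons:
            findings.append((msg["Subject"], reasons))
    return findings

# Constructed sample messages (4111 1111 1111 1111 is a well-known test card number).
SAMPLE_MAIL = [
    ("Date: Mon, 01 Sep 2014 09:00:00 +0000\nSubject: card for the hosting bill\n\n"
     "Use 4111 1111 1111 1111, exp 01/17.\n"),
    ("Date: Mon, 15 Dec 2014 09:00:00 +0000\nSubject: staging login\n\n"
     "user: admin\npassword: example-only\n"),
    ("Date: Tue, 16 Dec 2014 10:00:00 +0000\nSubject: lunch\n\n"
     "Order 1234 5678 9012 3456 is ready.\n"),
]
NOW = datetime(2014, 12, 20, tzinfo=timezone.utc)

print(audit(SAMPLE_MAIL, NOW))
```

The third message is not flagged: its 16-digit order number fails the Luhn check, which keeps the report focused on real card data.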
Encrypt Your Email
For OS X users, we recommend GPGTools as an encryption solution. You can also download Mailvelope for cross-platform Gmail encryption. However, GPGTools is a fully functional system that can also help users encrypt files as they go out, which Mailvelope cannot do. If you use Windows, you have other options, including GPG4Win. Smart Linux users can install their own PGP solutions. For simplicity, we focus on OS X here.
1. Install GPGTools. Download and install these tools from here.
2. Generate a public/private key pair. The installation includes a tool named GPG Keychain, which holds all your public and private keys. The public key is public: you can share it with everyone. The private key must be known only to you. Do not give it to anyone else, and be cautious when exporting it.
When you generate the key pair, use a complex passphrase. This can be "I love the song 99 Luftballoons !!", or it can be "d4D99AX! 0 ^ xpork is my password", but passphrases like "I like mom" and "porkninja" are too simple. This is a passphrase you will use often, so make sure that you can easily remember it and enter it quickly. The biggest enemy of good password protection is your own lack of patience. Select "Upload Public Key" before generating the key pair. The public key will then be uploaded to popular public key servers, such as pgp.mit.edu or Keybase.io. Through these services, you can find your own public key and then use the public key to sign the email.
3. Start the Apple Mail application. Now, when you send an email, it should be signed automatically. This means that you have joined the public key encryption system. By using the public key to sign an email, you not only prove that you are the real sender of the email, but also allow the other party in the conversation to send you encrypted email. You do not need to exchange keys with other users using PGP.
At its core, the PGP system uses public-key and symmetric encryption. Simply put, if Bob and Alice are talking, Bob's public key is paired with Alice's private key, while Bob's private key is paired with Alice's public key, and these two pairings can be used to create a unique secret. This ensures that only Bob and Alice can decrypt these messages. You can also encrypt group messages, which should be supported by most platforms. However, the number of supported messages may vary.
You are ready: The two blue icons indicate that the email will be signed and secure. Emails between me and her will always be secure!
4. Use PGP for all internal emails. Be sure to do this. Your email records will no longer be valuable to hackers, and your personal information will always be private. I know that you cannot use PGP with everyone, but if you think an email contains confidential information, please do not send an email without PGP encryption. Encourage your business partners to join your PGP system and encourage other entrepreneurs to read this article to ensure security.
Although I know that Sony may have had multiple unprotected email accounts attacked in this incident, it is also very likely that the mail server's records were exported. Most of those emails contained nothing but plain text, and our goal is for email to no longer contain any plain text.
Are you ready? Here are the public keys of TC's editors:
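To check how close a team is to the goal in step 4, exported mail can be classified by its PGP protection. The script below is an added example, not part of the original article: it recognises PGP/MIME (RFC 3156) content types and inline ASCII armor, and lists internal messages that are still readable on the server. The `example.com` domain, the function names and the sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

def pgp_status(msg):
    """Classify one parsed message as 'encrypted', 'signed' or 'plaintext'."""
    ctype = msg.get_content_type()
    proto = str(msg.get_param("protocol") or "").lower()
    # PGP/MIME (RFC 3156) declares protection in the top-level Content-Type.
    if ctype == "multipart/encrypted" and proto == "application/pgp-encrypted":
        return "encrypted"
    if ctype == "multipart/signed" and proto == "application/pgp-signature":
        return "signed"
    # Inline PGP places ASCII armor directly in a text part.
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            text = part.get_payload(decode=True).decode("utf-8", "replace")
            if "-----BEGIN PGP MESSAGE-----" in text:
                return "encrypted"
            if "-----BEGIN PGP SIGNED MESSAGE-----" in text:
                return "signed"
    return "plaintext"

def readable_internal(raw_messages, domain):
    """(subject, status) for internal mail whose body is not encrypted."""
    out = []
    for raw in raw_messages:
        msg = message_from_string(raw)
        rcpts = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
        internal = rcpts and all(a.lower().endswith("@" + domain) for _, a in rcpts)
        status = pgp_status(msg)
        if internal and status != "encrypted":   # signed-only mail is still readable
            out.append((msg["Subject"], status))
    return out

def _mk(to, subject, ctype, body):
    """Build a constructed sample message (not real mail)."""
    return (f"From: bob@example.com\nTo: {to}\nSubject: {subject}\n"
            f"Content-Type: {ctype}\n\n{body}\n")

SAMPLE_MAIL = [
    _mk("alice@example.com", "contract",
        'multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"',
        "--b1\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n--b1--"),
    _mk("alice@example.com", "minutes", "text/plain",
        "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nnotes\n"
        "-----BEGIN PGP SIGNATURE-----\n(placeholder)\n-----END PGP SIGNATURE-----"),
    _mk("alice@example.com", "vpn login", "text/plain", "the shared login is in the wiki"),
    _mk("press@example.org", "hello", "text/plain", "public note"),
]

print(readable_internal(SAMPLE_MAIL, "example.com"))
```

A signed message proves who sent it but its body stays readable, so it is reported alongside plain text rather than counted as protected.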
John Biggs
Natasha Lomas
Frederic Lardinois
Catherine Shu
Jon Russell
Matthew Panzarino