Summary: Need help with PR? If you are looking for
a great PR firm, you've found one. Walker Sands is a leading Chicago PR
firm with a strong track record that makes it one of top national PR agencies..
E-mail: we hate it, but we love it and need it. More than 80% of small
business owners believe e-mail is a key to the success of their business,
according to a recent survey by SurePayroll, an online payroll service.
(article continues below useful links)
However, as small businesses rely more on e-mail their networks become
more vulnerable to increasingly sophisticated viruses and spam. According
to Gartner, 90% of all viruses and worms infect organizations via e-mail.
What is at risk? The very business itself. Losing data too often creates
a financial and operational burden that can scuttle your enterprise, and
conventional firewall/antivirus solutions are no longer sufficient against
all threats. Effective security solutions evolve continually to incorporate
advanced security technologies and security-conscious business practices.
To enhance e-mail security beyond common firewall and antivirus solutions,
small businesses today have a growing range of options, from high-end
software solutions to network appliances or managed third-party services.
But e-mail security is a two-way problem – what leaves an organization
in e-mail can be just as harmful as what's coming in. Highly regulated
organizations such as financial institutions and healthcare providers,
or those who contract with them, face legal exposure and liabilities if
employees send out sensitive client or patient information, from Social
Security and account numbers to confidential records.
For this reason, small businesses are turning to e-mail content filtering,
including the ability to block discrete attachments based on content,
both inbound and outbound. Content filtering can alleviate the increasing
challenges of compliance with corporate governance or regulatory compliance
measures such as the Health Insurance Portability and Accountability Act,
the Gramm-Leach-Bliley Act and Sarbanes-Oxley.
Human software
For all of the sophisticated hardware and software available to tighten
e-mail security, the most powerful component in an effective solution
is a community of informed and compliant users guided by savvy leadership.
Training users to avoid risky behaviors is the first step, and then there
are other practical steps that management can take to improve e-mail security:
* Implement an e-mail archiving system and establish a retention policy
for e-mail that is consistent with your corporate culture, regulatory
requirements and industry. Specify policies and controls for what can
be stored on user desktops and laptops and for how long, so important
data gets to storage devices that you can control and protect. Empower
your network administrators to enforce those policies, and that means
giving them the tools to do so.
* Make sure all key departments within your organization, such as legal,
IT and HR, understand the process and approve of your e-mail filtering,
retention, retrieval and analysis policies.
* Don't lose sight of the big picture. Stay tuned to how threats and anti-threat
solutions are evolving, identify issues before they turn into problem
areas for your business, and proactively take the steps to guard against
them. If you don't think you have the time to stay informed, lean on a
trusted technology partner who does – and keep in mind that the
time and investment to be proactive can be far less of a burden than the
costs of procrastination.
* Educate your staff on how to prevent viruses and worms from spreading
via e-mail attachments, and be sure they recognize phishing scams when
they see them. Make sure all employees know not to open executable files,
or any attachment from an unfamiliar address. Further, they should know
that viruses are not just spread from attachments, but can be found in
embedded items as well. The bottom line? Don't open spam or any e-mails
from unknown senders. From our lips to employees' ears…continually.
* Talk to other small businesses and see what is and isn't working for
them. Get your budget approved and do the necessary leg work – you'll
be glad you did.
In a society where instant communication is the norm, we take e-mail
for granted. Although it's easy to do so, there is no excuse for taking
shortcuts when it could compromise a carefully thought out security strategy.
E-mail should be treated like any other type of corporate data –
or any other opening to your building, for that matter – and should
be managed accordingly. E-mail security is a valuable component of business
security.
