EM

AIL

S

ER

VE

R

A LOOK AT THE SECURITY OFYOUR EMAIL SERVER

2 | R E D N I G H T C O N S U L T I N G . C O M

Migrate. Manage. Empower.

Night 9 4 9 - 4 6 4 - 7 3 3 0 | S A L E S @ R E D N I G H T C O N S U L T I N G . C O M

As we’ve witnessed in the 2016 presidential campaign, email server security is not a subject to be taken lightly. Studies show on average businesses have a 1 in 3 chance of getting hacked. With hackers becoming increasingly smarter and skillful by the day, it’s important to maintain your email server security and follow best practices. Here is what you need to know when it comes to email server security:

The Dangers Your Email Server FacesIf a hacker gets into your email server and takes hold of your company files, there’s little you can do to protect yourself at that point. Attackers can use your information against you to do a variety of things such as control your company, access confidential information, or threaten you with ransom. For example, last year, the vehicle hire company MNH Platinum fell victim to a virus that encrypted over 12,000 of their files, threatening their entire business. A ransom threat followed demanding more than £3,000 for their files back.

52.4% of the phishing attacks

carried out last year were

against SMBs.

3 | R E D N I G H T C O N S U L T I N G . C O M

Migrate. Manage. Empower.

Night 9 4 9 - 4 6 4 - 7 3 3 0 | S A L E S @ R E D N I G H T C O N S U L T I N G . C O M

The largest target for these types of attacks are small/medium businesses (SMBs). According to the latest statistics from Symantec, more than half (52.4%) of the phishing attacks carried out last year were against SMBs.

Email is a frequent target of malicious attacks for many reasons: it’s been around for a while, so hackers have had a lot of time to understand how it works; it’s widely used and always available to attack; and it’s used to communicate with untrusted, external organizations. Here are some of the most common threats to email servers that SMBs should know about:

Malware and VirusesPossibly the most well-known way hackers attempt to get into your emails is by sending malicious software full of viruses, worms, Trojan horses, and spyware to your inbox. If these emails are opened, this danger is then released onto your email server and computer, giving the hacker control over your workstation and server. From there, they can monitor your activity and control what you can do, access your sensitive information, and much more.

4 | R E D N I G H T C O N S U L T I N G . C O M

Migrate. Manage. Empower.

Night 9 4 9 - 4 6 4 - 7 3 3 0 | S A L E S @ R E D N I G H T C O N S U L T I N G . C O M

PhishingPhishing is when you get an email that looks very, very similar to a trusted source, such as your boss or coworker. The intent of this practice is to convince the receiver to reveal personal information, such as passwords or financial numbers and secrets.

RansomwareAs discussed earlier, ransomware is when a hacker has a hold of all of your data, encrypts it, and demands a ransom from you in exchange for the decryption key.

Social EngineeringSocial engineering is different from the previous methods because it doesn’t attempt to hack into your system. Instead, the attacker tracks your email and your activity with it to gather sensitive information such as address or phone number.

With hackers becoming increasingly smarter and skillful by the day, it’s important to maintain your email server security and follow best practices.”

5 | R E D N I G H T C O N S U L T I N G . C O M

Migrate. Manage. Empower.

Night 9 4 9 - 4 6 4 - 7 3 3 0 | S A L E S @ R E D N I G H T C O N S U L T I N G . C O M

Once they have enough information, they may attempt to get into your email by correctly answering security questions, for example. only images are transmitted.

How to Protect Against These DangersCyber security expert Sarah Green says that one of the most dangerous mentalities for a small business to adopt is: “It’ll never happen to us.” It is never safe to assume that your network and email server are safe from harm. You should always at least adopt the basics. In fact, around 80% of cyber breaches can be stopped from simple, security basics, such as:

Educate Your EmployeesThe first step is to train your employees on basic email knowledge. Conduct awareness and training activities to educate your employees on how to effectively recognize malicious and suspicious messages, and how to handle them so they don’t fall victim.

6 | R E D N I G H T C O N S U L T I N G . C O M

Migrate. Manage. Empower.

Night 9 4 9 - 4 6 4 - 7 3 3 0 | S A L E S @ R E D N I G H T C O N S U L T I N G . C O M

Set Control SettingsAs an administrator, it’s important to control your overall network environment and its settings as well. For example, limit the access your employees have to certain controls. Allow them enough authority on programs to just do their job. Give them all different passwords as well. These precautions will prevent human error mistakes such as wiping out the email server, or putting important access and information in the wrong hands. Other security measures to take could also involve risk assessments, configuration management and change control, malware scanning and spam filtering tools, firewalls, and intrusion detection and prevention systems.

Constantly UpdateUpdates will keep hackers on their toes. How? Well, if you have the same email server system for a while, that gives them a lot of time to learn how it works and how to better hack it. If you constantly upgrade it though, security will just get tighter and tighter. Updates will also be better at detecting spam emails, which is always a good thing.

7 | R E D N I G H T C O N S U L T I N G . C O M

Migrate. Manage. Empower.

Night 9 4 9 - 4 6 4 - 7 3 3 0 | S A L E S @ R E D N I G H T C O N S U L T I N G . C O M

Frequently Test Your Security StrengthIt’s always a smart idea to periodically test your security measures to assess its strengths and weaknesses. This can be done through periodic vulnerability scanning.

Encryption, Encryption, Encryption Encryption is the process of converting information into a code to prevent unauthorized access. With encrypted data, only the intended receiver will have the authority to view this data. This protects your information from outside hackers who don’t have the right credentials. Encryption should be implemented as a very minimum in any company’s email server security practices.

80% of cyber breachescan be stopped from simple, security basics.

8 | R E D N I G H T C O N S U L T I N G . C O M

Migrate. Manage. Empower.

Night 9 4 9 - 4 6 4 - 7 3 3 0 | S A L E S @ R E D N I G H T C O N S U L T I N G . C O M

RedNight Consulting Makes Email Migration Towards Higher Security EasierAt RedNight Consulting, we take email server security very seriously. We are educated on all the threats out there and how to prevent them, and we have solutions that will give you the safety and security your data needs, such as Microsoft Exchange. It’s always wiser to put your trust in a professional rather than trying to manage things yourself. Plus, Exchange Online can be very affordable, reaching as low as $4 per user per month.

Don’t leave your email server at risk. Your whole business could fall into the hands of a malicious attacker if you do. Take the first step towards higher email server security and contact us today!

R E D N I G H T C O N S U L T I N G . C O M

12 Journey, Suite #280Aliso Viejo, CA 92656

9 4 9 - 4 6 4 - 7 3 3 0 | S A L E S @ R E D N I G H T C O N S U L T I N G . C O M