For Your Screens Only – Safer Communication Online

Whether you enjoy composing a concise and well-worded message to your colleagues or dread the sight of a full inbox email is an inevitable part of working life and running a business. With so much information flying through the air, be it in the body of a message or an attachment, it’s important that when […]

Article Info

February 23rd 2015 6 mins

    Whether you enjoy composing a concise and well-worded message to your colleagues or dread the sight of a full inbox email is an inevitable part of working life and running a business. With so much information flying through the air, be it in the body of a message or an attachment, it’s important that when your employees are catching these digital carrier pigeons in their inboxes no private information is slipping through the net.

    It’s not only email you should worry about either as there are an increasing number of ways to digitally transfer information. Below are a few tips on how to help your employees reduce the risk of data going astray and keep sensitive information from prying eyes.

    Setting a secure password

    As with any service where you require a password to login the first and simplest step towards making your email more secure is to set a secure password. Strong email passwords contain a combination of letters, number and characters and if it’s a company email it won’t contain the company’s name. It’s also a good idea not to share passwords in an email but transfer them “out of band”, that means in person, on the phone, or through a private chat system.

    Understanding SSL

    Most email servers will support SSL, the basic means of encrypting email data in transit, but it’s a good idea to double check if you’re not sure. If you’re using an email client such as Apple’s Mail or Microsoft’s Outlook navigate to the settings for your account. In these settings – usually in the same place where your username and password is – there should be a tickbox or dropdown menu to enable SSL encryption. If SSL isn’t selected refer to your email provider’s documentation to find out if it’s supported and how you can enable it. Not having it enabled means that anyone who intercepts your message between your email client and the server will be able to see not only the contents of your message but your password as well. For those who view their emails in a web browser it’s easy to tell whether SSL is enabled as the url of the login page will begin with “https:” instead of “http:” and there will be a lock symbol located somewhere in the vicinity of the address bar.

    Snap, Crackle, IMAP and POP

    When using an email client you have a choice of two ways of receiving your email, via IMAP (Internet Message Access Protocol) and POP (Post Office Protocol). IMAP stores your messages on an email server and downloads them to your client on whichever device you’re using. POP on the other hand, like a post office as the name suggests, downloads the message to the client you’re using at the time and then deletes it off the server. The security argument is that if your email account were compromised when using POP whoever was hacking into your account would only be able to see your most recent emails, instead of all of them. POP isn’t foolproof though and IMAP can be configured to synchronise only certain emails with your client. Ultimately given the benefits of IMAP, and its flexibility, there’s no real reason to worry as long you’re careful with your password and it’s a strong one.

    Securing your real-time communications

    Of course email isn’t the only way of communicating in the workplace and VoIP (voice over IP) services like Skype are now commonplace, replacing the humble landline for calls with people in faraway places and for virtual meetings. While there are risks of snoops listening to your conversation the risk is mainly from government authorities, and most services will encrypt your communications. If you want to double check it’s always a good idea to review the privacy policy of the service you’re using, to see whether they encrypt your data and if there’s any risk of it being shared with any third parties. If you’re still worried about your online chats being spied on then one option is to use a less popular service that isn’t so likely to be a major target for hackers.

    Facebook’s Walls have Ears

    The word “Facebook” is synonymous with the phrase “invasion of privacy” so it’s worth being a little cautious about what you post on your company page, or any of your social media channels. The best tip for staying secure on social media is once again, setting a secure password, and realising from the outset that everything you post is public (after all you want it to be). Protect your sensitive information by not sharing it in the first place, protect  your employees by not giving away too much personal information about them and if you need to exchange any sensitive information with a follower through  your social network’s messaging system continue the conversation via email.

    Practise safe sharing with your files

    For many small businesses Dropbox will be the go to file sharing service and while it’s got a good reputation for keeping its clouds safe from hackers there’s a couple of ways you can improve the security of the files you share. The first is to invite someone to view a folder, rather than share a direct link with them, as once the link is out there anyone will be able to use it if leaks out. Similar principles apply to Google Drive too. The other is to encrypt your files before you upload them using a program like 7-zip, and this goes for file sharing in general – not just for Dropbox. Many document creating programmes such as Microsoft Word will also let you set a password for your file. While there’s plenty you can do to keep your business’s data safe the security of a website, the data stored on it, and the associated email addresses,  ultimately starts with the host. Here at Vu Online we’re always striving to improve our security, making sure our websites are hosted on the most secure servers and that our customers get the peace of mind they deserve. Apple’s Health Kit API is available now for developers to start coding their own apps for the next health revolution.

    Do you know anyone who may be interested in this project?

    Click to share: