Common E-mail Security Mistakes

These five bad habits can make your confidential information -- and that of your clients -- easy to steal

While e-mail is one of the most widely used business applications, it isn’t a secure way to communicate, so the messages you receive every day are also a potential threat to your confidential and sensitive business information.

To help you protect your and your clients’ confidential information -- and to help you stay in compliance with state and federal regulations – secure messaging solution developer Nveloped put together this list of common e-mail security mistakes.

1. Sending confidential information in a regular e-mail 1. Sending confidential information in a regular e-mail

Traditional e-mail isn’t secure and does not have safeguards to protect your data or your client’s data. And sending separate e-mails with password information doesn’t provide more security -- it’s just as easy to intercept that message with the password.

Source: Nveloped

2. Clicking on links or opening attachments in unexpected messages 2. Clicking on links or opening attachments in unexpected messages

Clicking a link or opening an attachment in an unexpected e-mail message can infect your computer or your business’ systems with malware. If you receive an unexpected message that asks you to take some action (for example, “Click here to confirm your account details”), check with the sender to verify that they sent the original message to you.

Also, in most e-mail clients, the link address shows up at the bottom of the window when you hover your mouse over the link. That’s a good way to verify whether the link is “safe.” If the sender and link address don’t match up, it’s a good idea to check with your IT staff to confirm that the message is legitimate.

Source: Nveloped

3. Not protecting your password 3. Not protecting your password

Your password is the most direct way for someone to get into your e-mail account, so choosing a password that is complex (not “password”) and keeping it safe is extremely important. Many organizations now implement password policies that require a certain level of password complexity and periodic changes, but users also need to avoid writing down their passwords on sticky notes or posting them in their office where others can see them.

Source: Nveloped

4. Not verifying the sender of an e-mail message 4. Not verifying the sender of an e-mail message

In most e-mail clients today, there is a way to verify that the message actually came from the listed sender. In Gmail, for example, you can click on the small triangle next to the sender’s name, and it will show what e-mail server delivered the e-mail message. Messages that don’t have this information aren’t necessarily bad or untrustworthy, but you should be a bit cautious before clicking the links because the message sender has not been authenticated.

Source: Nveloped

5. Not asking your partners to communicate securely 5. Not asking your partners to communicate securely

There are many instances where an organization wants to communicate securely, but the partners they work with outside their organization continue to send information in a non-secure way. If you aren’t asking the other people and organizations with whom you communicate to also protect your sensitive data, it may still be at risk because your partners don’t have the right safeguards in place.

Source: Nveloped



Tax Tips for the Armed Forces

The IRS has put together its annual selection of advice for members of the military

View the slideshow >>


6 Tips for Retaining Millennials

Bruce Tulgan shares the best ways to keep your young stars

View the slideshow >>


Top 15 Accounting Firm Taglines

Our favorite firm slogans from around the CPA profession.

View the slideshow >>


Top 10 Challenges of Managing Multiple Accounting Offices

Consolidation in the accounting industry has resulted in more accounting firms juggling multiple locations. Maureen Schwartz, executive director of BKR International, provides a top 10 list of challenges as well as guidance for multiple-office practice management.

View the slideshow >>


What to Do When Your Identity Has Been Stolen

A step-by-step guide for victims of ID theft (and their advisors)

View the slideshow >>


The 'Tax Warrior' Creed

Philadelphia firm Drucker & Scaccetti creates a warrior mindset

View the slideshow >>


10 Tips for Fighting Tax-Related ID Theft

Constant vigilance is the price of fighting online fraud

View the slideshow >>


Taxpayers Speak!

A WalletHub survey reveals what your clients really think about taxes and more

View the slideshow >>


Top 10 Form W-2, 1099 and 1095 Myths vs. Realities

Greatland Corporation has compiled a list of misconceptions when it comes to tax-reporting requirements. Failing to understand the real truth behind these myths can cost a business extra money to file again or, even worse, to pay steep fines if reporting is not done in compliance with regulations.

View the slideshow >>


The Fastest-Growing Firms in the U.S.

The firms with the highest 2015 revenue growth from our Top 100 Firms/Regional Leaders list

View the slideshow >>