Although we may think hackers are master codebreakers the truth is, they rely on human error to be successful. Email is the main way for them to exploit human error as criminals have a direct line to the vulnerable part of an organisation’s security. This being said, if a workforce isn’t aware of even the most basic email security best practices, how can you ensure a secure working environment? Let’s take a look at some of those best practices…


white and black list

Utilise Blacklist and Whitelists

Let’s start with the obvious – a list for reliable, trusted domains, and a list for those not so trustworthy domains… Blacklists and whitelists are the best way for making sure your teams are only being contacted from the right domains.

Spam Filter

Reduce spam with a good filter

A good spam filter is essential in all organisations. Not only for protecting against criminals, spam filters can really weed out distracting spam emails, although things will always slip through. Important note – impress on employees to never reply or click “unsubscribe” as this will confirm the legitimacy of their email address to the sender.

Gone Fishing

Gone phishin’

According to Barracuda, 93% of all cyber-attacks start with a phishing email, and better yet 97% of employees can’t reliable identify a phishing email. These are serious statistics. A phishing email is usually disguised as a familiar email e.g. a Pay Pal notification, to trick the victim into downloading a malware loaded ‘payload’ usually in the form of an attachment or link. Simulated phishing tests are proving popular in the IT world. Making sure your employees are clued up is the first line of defence against phishing attacks.

Speak to a member of the Focus team to start creating a strong cybersecurity culture in your organisation today.

Malware Scans

Performing malware scans

You can’t trash any email that looks unfamiliar. Then you’d likely be ditching legit items you want to see. Antivirus and anti-malware email security should be installed on top of a spam filter. This will scan all emails and attachments and alert an employee if there’s reason for concern.

Password Best Practice

Password Best Practice

Another easy win is creating strong, hard to guess passwords. I.e. abstract word and number combinations. Couple that with multi-factor authentication. This makes password logins require credentials on top of a username and password. Fingerprint scanning, facial recognition, security question etc.

Never use public WiFi for email access

Never use public WiFi for email access

Your typical WiFi hotspot is not run by an IT professional. Security is thus, lacking. Yes, boycotting public WiFi can be easier said than done. So, if 100% necessary, consider using encryption software.

In many ways, a business’s security is only as strong as its weakest employee. So, underpinning the above is sufficient education and training. This will make the first line of defence – humans – less prone to human error. Still, no strategy is fool proof. So, one final consideration is the frequent and automatic backup of all company data. This way, when threatened by a ransomware attack, a business can simply wipe and restore.

Speak to a member of the Focus team to start creating a strong cybersecurity culture in your organisation today.