Best practices for secure email for financial service providers

 2017-01-25 11:50 AM by
Best practices for secure email for financial service providers

I think it's safe to say that the days of transmitting information via 'snail mail', fax and inter-office 'postmen' are a thing of the past. Our world of instant gratification demands that information is transmitted instantly electronically. More than ever, your email and the data transmitted via email needs to be taken seriously. Financial service providers deal with confidential personal information, including financial reports, payroll information and often the contact details and private information of high net worth individuals.

Financial institutions and service providers need to take extra care when handling this information. In addition, don't forget about the POPI act. The Protection of Personal Information act needs to be taken seriously, as hefty fines may be levied on businesses that do not comply. Read more about the consequences of identity theft here.

We have compiled a list of ways to secure your email or to better manage your email so that you don't land yourself in hot water.

1. Be smart when giving out your (hopefully) secure email address.

This is especially true if it's your work email address. It probably makes sense to have multiple email addresses - don't use the same address for both business and private communications. Use a separate (gmail or other) account for personal communications.

2. Protect the secure email addresses of work colleagues.

Don't ever share other peoples' email addresses unless absolutely necessary. It is important to protect the private information of your fellow work force as much as you do your clients. Never forward chain messages sent insecurely to multiple recipients. Unsolicited emails are usually insecure and often expose coworkers, colleagues and other random e-mail addresses to unauthorized parties. In fact, it's a good idea to instantly delete spam of this nature without even bothering to open or read the message.

3. Protect yourself against phishing attacks.

Protecting your network against viruses. Phishing is an act whereby a hacker attaches a piece of malware or spyware (read more) to a spam email that is sent to users in the hope they open the attachment, which then grants access to your private information. This is a very easy way for hackers to gain access, because the user unwittingly opens the gate for them to enter.

4. Be smart about handling attachments.

Make sure you have anti-spam filtering measures in place.
Prevent virus outbreaks and block spam by scanning incoming emails and only accepting secure emails.
Don't open unexpected attachments - no matter how enticing they look - or those sent by unknown parties.
Never click on an attachment unless you're convinced it's virus-free and not malevolent.
Ensure that you have deployed an effective office protection solution. The most effective office protection solutions are cloud-hosted and encompass facilities that ensure that you have a secure email scenario by always:
a) Protecting against viruses, spamware and malware using a continuously updated database of know threats;

b) Enabling you to implement and manage a web filtering solution that ensures that dangerous (and productivity killing) categories of websites are effectively blocked from being accessed;

c) Allowing device control functionality that stops unauthorized attachment and transmission of confidential corporate and personal data.

When planning and implementing electronic data security measures, remember that along with the personal information act that is upon us, companies need to prove that everything was done to protect valuable information. This includes securely backing up information but also protecting this information from the outside world.

Ensure that your office protection solution is effective and easy to configure and manage. Check out our recent AV Comparative 'Hall of Fame' report here!