Email Archiving and Cyber Security
Email archiving and cyber security aren’t always considered linked by business owners. Most companies look into email archiving first to save space on existing inboxes and servers as part of an email retention policy. However, there are features of email archiving that form part of your cyber security strategy. In this blog, you’ll find out how archiving is important for your cyber security, email security and cyber resilience.
Cyber security, computer security or information technology security is the umbrella term for protecting computer networks and systems. These are the measures taken to prevent theft or damage to hardware, software and sensitive data, but also any disruption to services.
The importance of cyber security continues to grow because businesses depend on their IT systems for almost everything. It explains why global spending on cybersecurity ballooned to $5 billion during 2018. According to Statista, the average investment in cyber security during 2019 by large businesses was £277,000 with average across all sizes of businesses being £5,100.
Investment in cybersecurity is vital, because of these main threats to systems:
- Phishing – the practice of sending out malicious emails in the guise of a reputable source to steal information or gain access to a system.
- Ransomware – malicious software designed to extort money by taking away someone’s access to files or systems and only giving them back once a ransom has been paid.
- Malware – software designed to gain unauthorised access or cause severe damage to a computer.
- Social engineering – this is a tactic that criminals used to trick people into revealing sensitive information. Usually combined with one tactic above.
How email archiving supports cyber security
Phishing attacks are a very real threat to individuals and businesses. A good phishing email will completely imitate a reputable source, and to the untrained eye can cripple an entire business. It’s the duty of a business to provide security awareness training, but also to invest in software that will help if the worse comes to worst.
Email archiving ensures your inboxes are ready and waiting to be retrieved in the event that your inboxes are locked by a cyber criminal. Disaster recovery is important for getting your business back up-and-running as fast as possible. If you can’t function without your email inboxes, without an archive during a security breach it could cause irreversible damage. As all emails are copied over from the moment they land in a user’s inbox, and are tamper proof, you are guaranteed to receive all original copies and attachments.
Email security is the collective term for measures taken to ensure to secure the access and content of an individual’s email account of service. It allows a single user or business to protect overall access to one or more email addresses.
From a user perspective, basic email security measures are:
- Using strong passwords
- Changing passwords often
- Spam filters
- Anti-virus/anti-spam desktop software
Email service providers such as Microsoft and Google implement their own security to secure all subscriber accounts. These include strong password and access control mechanisms on email servers, encrypting and digitally signing emails in inboxes or during transit. Providers also implement firewall and software-based spam filters to restrict email messages that have malicious intentions.
All this security isn’t unbeatable, however, as shown that 29% of organisations had reported that their Office 365 accounts had been hacked in March 2019 alone. By the end of Spring 2019, 6% of all Office 365 accounts had been compromised.
Arguably one of the biggest email hacking scandals was the 2016 Panama Papers leak. Corporate service provider Mossack Fonseca notified its clients – which included world leaders and their relatives and celebrities – they were the victim of an email hack which leaked the information of over 214,488 offshore entities. Sensitive client information was now in the public domain with documents dating back to the 1970s. Further investigation into these documents found that the offshore accounts were being used illegally for fraud and tax evasion. It was found that the Mossack Fonseca had not been encrypting their emails.
How email archiving supports email security
It may seem that old emails stored in your inbox are safe and secure, but that’s not always the case. Once a hacker gets in, they have access to everything and will find what they want very quickly. The only way to protect your inbox completely is with a solution that preserves and safeguards from data loss, while giving you a fast way to retrieve your emails during disaster recovery.
Cryoserver delivers the reliability, 24/7 availability and performance that everyone expects from an email archiving solution. It can even integrate with email providers such as Office 365 for a smooth transition that doesn’t affect users day-to-day. All information is encrypted, including attachments, once it’s copied into the secure archive.
Cyber resilience refers to a business or entity’s ability to deliver a service during a cyber attack or data breach. By implementing cyber resilience recommendations, an organisation ensures that all operations are safeguarded and a threat doesn’t completely destabilise a business.
The practice of cyber resilience is a preventive measure to counteract human errors and insecure software (and hardware) and protect insecure components in the infrastructure.
There are four components to cyber resilience:
- Threat protection – building on basic security to secure against email attacks and protecting endpoints.
- Recoverability – the ability to return to normal business functionality quickly after a cyber attack.
- Adaptability – the ability to adapt to developing ways that cyber attacks evolve their attacks.
- Durability – how your network is equipped to fight off cyber attacks (this is improved over time through regular updates and enhancements).
How email archiving supports cyber resilience
Email archiving is a huge part of cyber resilience, especially in relation recoverability. In the event your inboxes are locked away from users and vital information is left in the hands of criminals, it’s unlikely you’ll be able to function as a business without emails. Only with email archiving will you be able to get your company-wide inboxes back fast to your users after the event of a cyber attack.
For an on-premise or cloud-based email archiving solution, look no further than Cryoserver. Start protecting emails today to ensure you follow regulatory compliance, and show your clients that you take data protection seriously. Get in touch with us today.Blog