Security Best Practices

In light of the recent security breach of the LinkedIn website and passwords, NMGI would like remind clients to take every measure possible to ensure the safety of your information.

In case you are not sure where to start, we have listed some  best practices to insure account security and privacy:

Changing Your Password:

  • Never change your password by following a link in an email that you did not request, since those links might be compromised and redirect you to the wrong place.
  • If you don’t remember your password, you can often get password help by clicking on the Forgot password link on the Sign in page of most websites.
  • In order for passwords to be effective, you should aim to update your online account passwords every few months or at least once a quarter.

Creating a Strong Password:

  • Use encrypted password management software to keep track of all of your passwords.
  • Variety – Don’t use the same password on all the sites you visit.
  • Don’t use a word from the dictionary.
  • Length – Select strong passwords that can’t easily be guessed with 10 or more characters.
  • Think of a meaningful phrase, song or quote and turn it into a complex password using the first letter of each word.
  • Complexity – Randomly add capital letters, punctuation or symbols.
  • Substitute numbers for letters that look similar (for example, substitute “0″ for “o” or “3″ for “E”.
  • Never give your password to others or write it down.

A few other account security and privacy best practices to keep in mind are:

  • Sign out of your account after you use a publicly shared computer.
  • Keep your antivirus software up to date.
  • Don’t put your email address, address or phone number on public profiles.
  • Only connect to people you know and trust.
  • Report any privacy issues to Customer Service.

*Modified from LinkedIn.com

Share

Why “Secure Encrypted Email” is necessary in today’s office.

Email encryption is crucial for any business that uses the internet for critical transactions. Corporate secrets and client information that is transmitted over the internet must be protected. In an age where anyone can intercept your information with a few clicks of a mouse, extra measures must be taken.

What exactly is email encryption? It is a security measure that is attached to your email that scrambles the information until it has reached its destination. What this does is prevent outsiders from receiving the information and using it for illegal purposes.

Businesses large and small benefit from the use of secure email but everyone is at risk when they have information transmitting over the internet. Cyber crime is the fastest growing criminal activity in the world. Extra precaution is necessary when sensitive data is transmitted. The interception of personal or product information can be devastating to a corporation.

Email encryption is required in many fields, such as medical and financial industry. Because the data that is transmitted by these corporations contains protected privacy matters, companies in these fields must use an encryption service. Using encrypted email to protect your client’s information will allow you to comply with all regulations in this area as well as instill a sense of security in your client’s minds. Everyone realizes that a stolen identity can be a life damaging experience. Clients will feel safe knowing your company takes every measure to protect their identity and information.

Email encryption is not hard to use nor is it expensive. Simple applications can be installed on your desktop or ran from an internet based server. Programs range from a simple encryption tool to a high tech service that can scan every outgoing email mail for sensitive information and either block its delivery or send it encrypted. A business can safely and cost-effectively protect themselves and their clients simply by using email encryption for all of their internet communications.

When it comes to simplifying your search for e-mail security, we can help. NMGI has many vendors to choose from and offers many benefits while keeping the system simple and affordable.  You can Exchange Confidential Information with business partners, patients, board members, and customers through highly secure e-mail.

So why is regular e-mail so unsafe? First of all there is no encryption. When a regular e-mail travels the Internet through multiple, unknown servers, the contents are sent clear-text, vulnerable to ease-dropping and sniffing. In addition those messages could be stored on various servers for an indefinite amount to time. Do you really want to shout your customers’ private information in a public forum?

Our encrypted email service uses end-to-end 256-bit AES encryption, so protected messages are encrypted before they leave the sender’s desktop, giving a very high level of security.

Secondarily there is no authentication. This means that one can send a message claiming to be whoever he or she wants. Just because a message says it’s from Mr. Smith, doesn’t mean that he actually composed the message. He may have no idea that someone is forging his name and address.

Every user of the system must prove his or her identity when sending or opening a protected message. This ensures that only intended recipients can read a message, and verifies who the message is from.

And finally, there is no certification.  Let’s say Mr. Smith sends you an e-mail. With regular e-mail, there is no way to confirm that when you receive the message that the contents have not been changed. Using digital signature hashes, our service verifies that the contents of all messages have not been altered while in transit.

Depending on your line of business, you may fall under one or more government or industry regulations that require your company to take certain steps to secure electronic communications pertaining to your operation. If you are involved in the health care industry, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) outlines how you must protect patient data. If you are in the financial services industry, the Gramm-Leach-Bliley Financial Services Modernization Act of 1999 (GLBA) requires you to protect non-public personal information. There are many other regulations and industry expectations that may apply to you, and even if there weren’t any, you owe it to your customers and clients to protect their data. If you are not using an e-mail product that protects data AND authenticates users, you are at risk of running afoul with government regulations.

Network Management Group, Inc. (NMGI) Can Help

Call our team today to get the strongest possible security features with respect to both encryption and authentication, satisfying the legal and ethical requirements that you must address. Visit our site for more information about Secured Email.

Share