Recent news about high-profile personalities using their personal email for business has brought an issue to light that almost all companies face. Is your business prepared to handle a compromised account or device? If not, your confidential financial, HR or customer data could be at risk. Regardless of whether you consider yourself “high-profile” or not, these policies make sense for all employees at every level.
Policy #1: If It’s for Work, Use Work Email
When employees of your company – including the owner, partners or executives – conduct business on behalf of the organization via email, they should use the company email system.
This ensures the communication looks professional, which is important, but it also makes it possible for the email to be viewed by management at any time if that becomes necessary.
Policy #2: Never Email Important and/or Classified Documents
Never email documents that are sensitive in nature. Instead, email the recipient a link to where the document resides on your network or other secure location. Keeping data in a secure location ensures your organization’s employees, contractors and vendors will need to log in to access it and helps prohibit the information from being forwarded by accident to someone who should not see it.
Policy #3: Have a Clear Procedure for Reporting Lost or Stolen Equipment
It is vitally important to have a clear policy about the steps employees should take if their work phone, laptop or tablet is lost or stolen.
First of all, we recommend that organizations have the ability to remotely wipe all mobile and personal devices used for accessing work emails. Companies should have the ability to selectively wipe information from personal devices. A selective wipe removes only corporate email accounts from personal devices to avoid the loss of personal information like photos. They should also have a method in place for fully wiping a device in the event it is lost or stolen; this will erase all of the data on the device. Learn more.
Be sure to clearly state the course of action your company will take in your Reporting Policy.
These policies, coupled with regular cyber security employee training meetings and an arsenal of up-to-date malware and firewall protection, will help you keep your data and business safe from cyber threats and unwanted email intrusion.
As always, if you have a question or concern, give us a call at (804) 918-7815 or send us an email. We’re standing by, ready to help.