Introducing Microsoft Teams—the Chat-Based Workspace in Office 365

Microsoft just announced Microsoft Teams—the new chat-based workspace in Office 365. Microsoft Teams is an entirely new experience that brings together people, conversations and content—along with the tools that teams need—so they can easily collaborate to achieve more. It’s naturally integrated with the familiar Office applications and is built from the ground up on the Office 365 global, secure cloud. Starting today, Microsoft Teams is available in preview in 181 countries and in 18 languages to commercial customers with Office 365 Enterprise or Business plans, with general availability expected in the first quarter of 2017.

At Microsoft, we are deeply committed to the mission of helping people and organizations achieve more—and reinventing productivity for the cloud and mobile world is core to our ambition. We built Microsoft Teams because we see both tremendous opportunity and tremendous change in how people and teams get work done. Teams are now more agile and organizational structures more flat to keep communications and information flowing. With Microsoft Teams, we aspire to create a more open, digital environment that makes work visible, integrated and accessible—across the team—so everyone can stay in the know.

Microsoft Teams delivers on four core promises to create a digital workspace for high performing teams.

Chat for today’s teams

First and foremost, Microsoft Teams provides a modern conversation experience for today’s teams. Microsoft Teams supports not only persistent but also threaded chats to keep everyone engaged. Team conversations are, by default, visible to the entire team, but there is of course the ability for private discussions. Skype is deeply integrated, so teams can participate in voice and video conferences. And everyone can add personality to their digital workspace with emojis, stickers, GIFs and custom memes to make it their own.

1

A hub for teamwork

Second, Microsoft Teams brings together the full breadth and depth of Office 365 to provide a true hub for teamwork. Word, Excel, PowerPoint, SharePoint, OneNote, Planner, Power BI and Delve are all built into Microsoft Teams so people have all the information and tools they need at their fingertips. Backed by the Microsoft Graph, intelligent services are surfaced throughout the workspace to help with information relevancy, discovery and sharing. Microsoft Teams is also built on Office 365 Groups—our cross-application membership service that makes it easy for people to move naturally from one collaboration tool to another, preserve their sense of context and share with others.

2

Customizable for each team

Third, since all teams are unique, we’ve invested deeply in ways for people to customize their workspace, with rich extensibility and open APIs available at general availability. For example, Tabs provides quick access to frequently used documents and cloud services. Microsoft Teams also shares the same Connector model as Exchange, providing notifications and updates from third-party services like Twitter or GitHub. Further, we are including full support for the Microsoft Bot Framework to bring intelligent first- and third-party services into your team environment.

3

Today, we are also announcing the Microsoft Teams Developer Preview program, allowing developers to extend Microsoft Teams. We will have integrations with over 150 partners at general availability—including our early partners Zendesk, Asana, Hootsuite and Intercom. This is the first step in providing the customization users want and the tools and support our developer community will need to integrate with Microsoft Teams.

Security teams trust

Finally, Microsoft Teams provides the advanced security and compliance capabilities that our Office 365 customers expect. Data is encrypted in transit and at rest. Like all our commercial services, we have a transparent operational model with no standing access to customer data. Microsoft Teams will support key compliance standards including EU Model Clauses, ISO 27001, SOC 2, HIPAA and more. And, as customers would expect, Microsoft Teams is served out of our hyper-scale global network of data centers, automatically provisioned within Office 365 and managed centrally, just as any other Office 365 service.

4

Microsoft Teams joins the Office 365 universal toolkit

Microsoft Teams joins the broadest and deepest portfolio of collaboration applications and services to help solve the diverse needs of people and organizations globally. As we’ve learned from our 85 million active monthly users, all groups have a diverse set of needs when it comes to working together. Office 365 is designed for the unique workstyle of every group and includes purpose-built applications, all deeply integrated together.

  • Exchange is the undisputed leader in corporate email and according to Gartner has “80 percent share of companies using cloud email with revenue above $10 billion.”
  • SharePoint provides intranets and content management solutions to more than 200,000 organizations and 190 million people.
  • Yammer is the social network for work, enabling cross-company discussions for 85 percent of the Fortune 500.
  • Skype for Business provides real-time voice, video and conferencing and hosts more than 100 million meetings a month.
  • Office 365 Groups is our cross-application membership service that makes it easy for people to move naturally from one collaboration tool to another.

Contact the Atidan team at office365@atidan.com for additional information, free trial of Office 365 and special deployment offers!

 

Blog credit: https://blogs.office.com/2016/11/02/introducing-microsoft-teams-the-chat-based-workspace-in-office-365/

5 Commonly Overlooked Security Threats

 The Internet is a vast place that brings amazing information to our fingertips in a matter of seconds. While this is a wonderful attribute, it also can be dangerous to your personal information or business’s data. That’s because there are hackers out there just itching to access your information and email is still a common way they accomplish this feat. And as we’ve seen through several recent examples—including the 2015 Pentagon and 2014 Sony email hacks—simply having a “strong” email password isn’t enough to keep your data from being compromised.

While some may jokingly (or not-so-jokingly) call for less email usage and more frequent use of the phone to communicate important information, it’s not always possible in our highly digital world. So in addition to being cautious about what is communicated in your emails, it’s important to understand how to protect those emails in the first place. To ensure secure email on your personal and work devices, you first have to recognize threats to your email system—including the less common ones.

Overlooked security threats

Here are five often overlooked threats to your email security:

  1. Social engineering schemes that use your mobile number—Did you know that attackers only need your mobile number to trick you into giving access to your email? Essentially, they’ll send you a text posing as your email provider (e.g., Outlook) and tell you you’re about to receive a code to ensure your email account is secure. This text will then ask you to reply with the code to confirm. Then, they’ll trigger the password reset process, you’ll receive a real message with the unlock code—and if you send it to the attackers unknowingly—they’ll use it to reset your password without your knowledge. Check out this video if you want more specifics on this scheme.
  2. Sharing your access credentials with others—It’s common for some employees to share their credentials—including their password—with a fellow employee or manager when they’ll be out of the office, whether on vacation or during short-term or long-term disability. If organizations don’t have defined security policies for these situations, a lack of accountability could lead to compromised email security.
  3. Loss of a phone with pertinent information—Password management applications are wonderful tools that help you keep track of all the passwords for all of the email accounts you undoubtedly have. But if this application is installed on a phone that is lost or stolen, that can be a problem. Of course, it’s important that your phone is also password-protected, but organizations should take security one step further when it comes to work or personal devices that carry business data or information. Specifically, a business should standardize acceptable use policies regarding the local storage of files, remote wipe capability and network connectivity.
  4. Lack of email encryption—Just because data is passed via a secure email server doesn’t mean it’s 100 percent safe. To add an extra layer of protection, companies should invest in an encrypted email service, which seals email messages and ensures only those with a decryption key can read and access sensitive information.
  5. Crypto-ransomware—Ransomware is nothing new, but it’s a nasty way for hackers to operate. They essentially take the files on your computer or devices hostage until you pay a ransom to have them released. Crypto-ransomware is even nastier, as the hackers encrypt your computer’s files and will only surrender decryption keys upon payment. How is this related to email? These attacks are typically triggered through the opening of some sort of email attachment (e.g., an invoice, energy bill, image, etc.) and they often look legitimate. According to Symantec’s 2015 Internet Security Threat Report, attacks of this nature are highly profitable (bringing in approximately $34,000 per month for one group alone) and growing in popularity.

Whether through phishing schemes or direct malware attacks, email security threats are prevalent—and as we’ve seen, even the mighty can fall prey to them. That’s why it’s more important than ever for organizations to invest in a secure email service that will help them keep their data safe. In addition, employee education is a large part of maintaining a secure email environment. When people know what to expect, they’re better equipped to protect themselves and their companies from liability.

Get more out of your email to help grow your business with solutions from Atidan and Microsoft. Contact us today at office365@atidan.com

 

Blog credit to Microsoft: https://blogs.office.com/2016/01/28/overlooked-email-security-threats/

11 Features to Get the Most Out of Your Business Email

In the world of work, email is a mainstay. It allows us all to communicate at lightning-fast speeds—without having to pick up the phone. It gives us the power to thoughtfully consider projects, questions, answers, opinions, requests and feedback, all of which opens the door to better communication. And it gives us the ability to see the progression of conversations without digging through a mountain of individual messages. However, most people aren’t taking full advantage of what their email systems offer. Sure, they know how to send messages, set tasks, make notes, block their calendars and schedule reminders, but there are also some pretty great features (and hacks) that you may not know about that could just transform the way you use business email. Let’s take a look:

  1. Future delivery/delayed delivery: Whether you have news that you don’t want to share immediately or a project that’s ready for delivery but you don’t want to submit it too early, future/delayed delivery allows you to create and distribute messages on your schedule.
  2. Message grouping: For heavy email users, the ability to group messages into conversations related to specific topics can help you keep track of emails, stay up to date on developments and work more efficiently.
  3. Conditional formatting: Like message grouping, conditional formatting can help you organize conversations and stay on top of a certain topic. However, instead of grouping all messages into a batch that you can browse at a glance, conditional formatting simply displays messages matching selected criteria in the font and/or color of your choice.
  4. Rules: Providing you with yet another organizational option, the rules feature allows you to create and manage settings that empower your email system to automatically process messages in a certain way. Some systems can check for and include sender, recipient, email size, date and more. This way, you’ll never miss a message from your boss or your most important client; messages with large attachments can be singled out, etc.
  5. Email to text: For those times when you need an immediate response, or need to contact someone who may not have access to his or her email account, a text message may be the best way to get in touch. Some business email providers offer this feature, others don’t. If yours does, it can help you relay urgent messages quickly. Just be careful to reserve use of this feature for those who prefer it or for truly critical situations—because it can be disruptive to receive a barrage of non-urgent text messages while in a meeting, on vacation, etc.
  6. Desktop alerts: Whether you need to reduce distractions for a day or indefinitely, by disabling desktop alerts you can eliminate pop-up notifications about new messages and focus on whatever the task at hand may be. Conversely, if you’re waiting for an important email that you can’t afford to miss by a moment, you can easily turn on desktop alerts for a few hours or turn them on and leave them on for good.
  7. Email templates: If you’re a PR exec, public information officer, customer service representative, work in sales or are in any position that requires you to field requests for information about a program, service, product or topic, email templates can help you make quick work of your responses. After creating your template, all you’ll have to do is locate the template, personalize it as necessary and hit send. Not only will it help you save time, but increase your productivity. Plus, by not having to repeat yourself over and again, it might just improve your job satisfaction.
  8. Save messages as files: If you want to save certain emails in the same file as project work, contracts or other documents, you can simply drag your message from your email window to your file folder. Or, you can click Save As and choose to save a message in a specific location. This way, you can refer back to messages without digging through your inbox and/or archive.
  9. Multi-action shortcuts: If your email system supports shortcuts, it may also support multi-action shortcuts, which gives you the ability to combine several shortcuts into one quick action. For instance, if you want to mark a group of emails as read and simultaneously move them to a specific folder, or even mark messages as read, flag them as important and forward them to your team, you can do that with multi-action shortcuts. Some email systems that support multi-action shortcuts also allow you to create your own shortcuts, so you can customize your actions and make quick work of managing your inbox.
  10. Automated cleanup: Some email systems include an automated cleanup function that can help you save space and keep your inbox tidy. When a conversation (message and response) occurs over email, some email systems can analyze the contents of that conversation and determine if a message is completely contained within each thread. If it is, then the previous message will be automatically deleted—so you’ll have access to both the original message and all comments within a single email conversation, but your inbox won’t be clogged by redundant emails.
    Of course, if someone keeps clogging up your inbox with messages you don’t need or want, you can generally block their messages by using your “junk” or “spam” filters. But if you don’t want to permanently prevent someone from contacting you via email, you can simply select to send certain conversations directly to your trash by clicking the Ignore button.
  11. Delegate access: Finally, if you’re going on sabbatical, an extended vacation or parental leave and you don’t want to either check messages daily or weekly—or come back to a mountain of email—you may be able to give someone else permission to manage your inbox. Simply look at your account settings. If you see a Delegate Access button—or something similar—you can choose to give access to a coworker who can step in and respond to messages in your absence. Of course, you’ll still have the ability to check messages and respond as appropriate, but this feature can help you keep things in check while you’re away.

Email continues to be an important tool in the business world, and your mastery of these tools will only enhance your value in the workplace. Hopefully, we have shared one or more features that you will introduce into your business arsenal, leading to increased productivity.

Related content:

Contact the Atidan team at http://bit.ly/1PVDnHg for additional information about business email solutions!

Credit to Microsoft Blog: http://bit.ly/1PVDnHi

Email Archiving—5 Reasons Why This is the Best Email Feature You Never Use

Whether you work in the corporate world or not, you probably send and receive multiple emails every day. It’s a fast, convenient way to communicate with peers, colleagues, clients, friends and family. Of course, email is an extremely popular communication tool for companies—in part because of its ability to document conversations and serve as a searchable repository of information.

In fact, studies suggest that three-fourths of an organization’s intellectual property is contained within email and messaging systems. That means it’s important to protect this data and not just send it to the trash. But keeping that much information can overload your company’s storage servers.

So what’s the best solution?

Email archiving is nothing new. The tool has been around for years—so why don’t more companies use it? Here are five benefits to using an email archiving solution:

  • Storage. When email data is stored on live servers, it can greatly reduce performance as the server gets fuller. The only other options are to delete emails altogether—not a wise option, since important data can be lost forever—or store them elsewhere. Email archiving follows this latter option and moves data to a secure off-site server or cloud environment. Some solutions use advanced compression and/or deduplication to reduce the required disk space in the archive—sometimes by 50 percent or more.
  • Restoration. Depending on what backup solutions you already have in place, email archiving can speed up the process whenever your data needs to be restored. This is because the archived data takes up less space. In addition, restoring non-archived emails becomes faster and easier, because the mail server’s data load is lessened.
  • Security. Just because your old emails are “out of sight” and stored elsewhere doesn’t mean they aren’t protected as well as emails in your live inbox environment. If you’ve got the right email archiving solution, your data is immutably preserved and safeguarded with continuous data backup and premier disaster recovery capabilities. For the best service, look for a provider that delivers reliability, availability and performance with a guaranteed 99.9 percent uptime and financially backed service level agreement.
  • Productivity. When your live servers are bogged down with tons of email data, it can make searching for a specific email or a specific subject grueling and slow. In addition, by getting rid of email box quotas and setting up automatic email archiving, employees no longer have to spend precious time deleting emails or moving them to PST files like the old days. Finally, when you give your employees the ability to easily access archived and backed up email data, you place the power in their hands—meaning they won’t have to engage the IT department to do it for them.
  • Compliance. Most industries require organizations to keep business records—and since emails often contain such records, deleting them is a no-no. Specific industries like health care, financial services, pharmaceuticals and energy have even stricter regulations about what business records must be kept.

When you consider an email archiving solution, remember to research providers and select one that will deliver a user-friendly solution that keeps you in control and maintains high standards of security and reliability.

Related content:

Credit to Microsoft Office Team:https://blogs.office.com/2015/11/05/email-archiving-the-best-email-feature-you-never-use/

7 new Exchange Online Protection enhancements

Post was written by Shobhit Sahay, technical product manager for the Office 365 team.

The Office 365 Exchange Online Protection (EOP) team has been hard at work on new features that reflect our continued commitment to provide advanced security, reliability and protection of your email, and a simpler and more efficient user experience for email admins. Today, we’re pleased to announce seven new EOP features, including:

  1. Scheduled EOP reports
  2. Domain-based email traffic support
  3. Simplified block and allow
  4. Quarantined message preview
  5. Bulk release
  6. Improving backscatter detection with Boomerang
  7. Non-delivery report (NDR) backscatter storm prevention

Scheduled EOP reports and domain-based email traffic support

Two new EOP reporting features have been included in this update. First, customers can now schedule EOP reports to be delivered via email on a weekly or monthly basis. For tenant admins, this means you can schedule EOP reports to arrive in your inbox on a day that you specify and choose from four types of EOP reports:

  • Mail traffic summary (aka sent-and-received mail)
  • Spam detections summary
  • Rule matches
  • Data Loss Prevention policy matches

7 new Exchange Online Protection enhancements 1

The new scheduled report feature is easy to set up on the Office 365 portal for EOP or Exchange Online customers.

To get started, go to the Office 365 portal and click Reports, then select the type of report you want to schedule. From the report page, click Schedule this report. It’s that easy! You’ll find more information about scheduling EOP reports and the customization features that help you obtain the specific data you need here.

7 new Exchange Online Protection enhancements 2

Scheduled EOP reports are delivered to your inbox on the day of the week or month you specify.

The second new reporting feature enables admins to assess email traffic at the domain level through PowerShell. For large customers with many domains, this feature makes it easy to view domain-level aggregation of mail traffic. To obtain mail traffic breakdown by domain, use the ‘Domain’ parameter with  Get-MailTrafficReport and Get-MailTrafficPolicyReport in PowerShell. More information about domain-based email traffic support is available here.

Simplified block and allow

We simplified the process for EOP or Exchange Online admins to block or allow emails from an individual sender or an entire domain. The new simplified block-and-allow lists replace the need to write a complex transport rule to bypass spam filtering or modify the Spam Confidence Level for a sender or domain.

Located in the Spam Filter section of the Office 365 Exchange Admin Center, you’ll access this feature by clicking the Protection link, making it easy and intuitive to find. There, you can create, edit and maintain block-and-allow lists for senders and domains.

spamallowlist

Simplified block and allow is currently in preview with first-release customers and will be deployed worldwide by the end of the month.

Quarantined message preview and bulk release

As part of our efforts to revamp our quarantine feature area to further protect against email containing malware or viruses, we released our new quarantined message preview earlier this month. You gave us the feedback that you need more information to determine if a quarantined message is malicious or legitimate. The new quarantined message preview allows you to see the body of a message without triggering any malicious content. This new visibility provides an improvement over previously just seeing a quarantined message’s sender, recipient, subject and date.

Two months ago, we released our bulk release feature, which has received widespread positive feedback from customers. Now, admins can quickly and easily select up to 500 quarantined messages to release or not release, which can be especially helpful in addressing large email campaigns. The bulk release feature can be accessed either through the Office 365 quarantine area or via PowerShell.

Backscatter spam improvements

Backscatter spam—when you receive a non-delivery receipt for an email that a spammer sent using your forged email address—is a growing source of irritation for end users and a challenge for email admins. We have stepped up to backscatter spam with two new protections:

  • Improving backscatter detection with Boomerang—In addition to basic backscatter protections in Office 365, we recently rolled out Boomerang, our Microsoft-branded mechanism to better detect backscatter spam. Now deployed for both hosted and on-premises mailboxes, Boomerang provides greater security and smarts to fight backscatter spam.
  • NDR backscatter storm prevention—This feature, deployed in May, addresses backscatter on a mass scale by automatically deleting the majority of a spammer’s large-scale email campaign, leaving just a handful of forged messages so that the responsible admin has visibility on the attack. NDR backscatter storm prevention is especially helpful in preventing spammers from spoofing well-known, executive email aliases, which are often targeted to add an appearance of legitimacy to spam or to direct mass hate emails.

Contact the Atidan team at office365@atidan.com for additional information about security and special offers on Office 365 deployment and support!

Microsoft Exchange Advanced Threat Protection Launch

Pleased to announce that an Advanced Threat Protection (ATP) service is available now to all Exchange/Office 365 subscribers (Coming August 1 for volume (Open/EA) license customers). You already have Microsoft’s Exchange Online Protection (EOP) at no charge to protect against spam and malware. Exchange Advanced Threat Protection or ATP is a new offering launched this week and is priced at $2 per user per month. You can activate any number of licenses to suit your needs – try it for your top executive team, for users who work with sensitive content or for your entire enterprise.

Key benefits and my comments include:

1.  Better protection against day zero viruses and unknown malware

  a.  Even after EOP filtering, something that has never been seen before can get through filters

  b.  Machine learning with behavior analysis watches content and makes real time validations called Safe Attachments

    i. Could cause possible message delays in suspicious message receipt fyi

2.  Real time protection against malicious URLs

   a.  Protect against phishing attacks and redirection

   b.  Check is performed at time of reading

         i.  Note this could cause a time delay while URL is scanned as the link is clicked

3.  Reporting and URL Tracing

a.  Analyze patterns of attacks, categories of attacks and conduct investigations

It is hard to put a value on this service but the cost is insignificant compared to the cost of an attack such as the Cryptolocker virus. One single incident could dwarf the costs of this subscription and I’ve posted a great white paper study from Ponemon detailing the average data breach cost .

Active Atidan clients can get our assistance to turn on this service at NO CHARGE. Additional consulting is always available to help you with new security features in Office 365 such as Rights Management, Encryption, eDiscovery, Legal Hold, Archiving and more.

Exchange Online Advanced Threat Protection

Protect your email in real time against unknown and sophisticated attacks.

Secure your mailboxes against advanced threats

New malware campaigns are being launched every day, and Office 365 has a solution to help protect your email against them. With Exchange Online Advanced Threat Protection, you can protect your mailboxes against new, sophisticated attacks in real time. By protecting against unsafe attachments and expanding protection against malicious links, it complements the security features of Exchange Online Protection to provide better zero-day protection.

Protect against unsafe attachments

With Safe Attachments, you can prevent malicious attachments from impacting your messaging environment, even if their signatures are not known. All suspicious content goes through a real-time behavioral malware analysis that uses machine learning techniques to evaluate the content for suspicious activity. Unsafe attachments are sandboxed in a detonation chamber before being sent to recipients. The advantage is a malware free and cleaner inbox with better zero-day attack protection.

Protect your environment when users click malicious links

Exchange Online Protection provides protection against malicious links by scanning content. Safe Links expands on this by protecting your environment when users click a link. While the content is being scanned, the URLs are rewritten to go through Office 365. The URLs are examined in real time, at the time a user clicks them. If a link is unsafe, the user is warned not to visit the site or informed that the site has been blocked. Reporting is available, so administrators can track which users clicked a link and when they clicked it.

Get rich reporting and track links in messages

Gain critical insights into who is being targeted in your organization and the category of attacks you are facing. Reporting and message trace allow you to investigate messages that have been blocked due to unknown viruses or malware, while URL trace capability allows you to track individual malicious links in the messages that have been clicked.

The Small Business’s Guide to Secure Email

It probably comes as no surprise to most business owners that email is a primary way hackers can gain access to sensitive company data and information. But it may alarm you to know that small businesses are particularly vulnerable. Specifically, overall cyber-attacks on companies with 250 or fewer employees doubled in the first six months of last year—and the loss per attack was more than $188,000 on average. The effect of cyber-attacks on the American economy as a whole is a high cost of $100 billion annually, according to the Center for Strategic and International Studies.

That’s one reason the great Sony email hack of 2014 was such a big deal—it left every business wondering how they could avoid the same fate. It stands to reason that if such a large company, with multiple layers of security, can be hacked, small businesses with fewer resources have no hope, right?

Maybe not. There are many ways to ensure your business is protected through secure email. Since your business’s security is only as strong as your weakest link, the secret is to get employees involved and invested in the success of your security. Here are seven tips to get you started.

  1. Make it a top priority to create and implement a cybersecurity plan.

Of course, this involves more than simply considering how to ensure secure email service—it should also include strategies for keeping your website, payment information, and other information safe—but addressing email security should be a main part of your plan. The Federal Communications Commission created a handy tool, the Small Biz Cyber Planner 2.0, to assist you in creating a customized plan.

  1. Consider email encryption.

Email encryption helps to protect personal information from hackers by only permitting certain users to access and read your emails. There are several methods of email encryption depending on the level of security—and convenience—you require. For example, you could download or purchase extra software that will plug in to your Microsoft Outlook. Gpg4win is one such free privacy email guard software for Windows. Or, you could install an email certificate like PGP (Pretty Good Privacy), which allows your employees to share a public key with anyone who wants to send them an email and use a private key to decrypt any emails they receive. Another simple solution is to use a third-party encrypted email service.

  1. Ensure passwords are secure.

All employees should have their own password for their work computer and email system. These passwords should be reset every three months; also consider requiring multifactor authentication when employees change their passwords. The strongest passwords consist of at least 12 characters and a combination of numbers, symbols, lower-case letters, and capital letters. Passwords should not be something obvious (e.g., birthdays, children’s names, etc.) but should be memorable. In other words, employees should steer clear of the two most common—and worst—passwords of 2014: “password” and “123456.”

Also, employees should not use the same password for multiple accounts or websites. Consider allowing the use of a password manager or single sign on function. Some great solutions for small businesses looking for tools to store codes, bank accounts, email accounts, PIN numbers, and other account information in one place include CommonKey, LastPass, and Password Genie.

How do you know whether your password has been compromised? Sign up for watchdog services like PwnedList or Breach Alarm, which monitor leaked passwords and will report automatically to you if any of your email addresses are vulnerable.

  1. Develop an email retention policy that makes sense.

With the cost of storage today, there’s no point in keeping old emails that are no longer useful. Ask employees to purge emails that do not support business efforts and implement a policy to ensure compliance. Many companies institute a 60-90-day standard, with steps toward automatic archiving and permanent removal after a set time period. Remembering to delete emails that don’t comply with this standard can be difficult for some employees, so frequent reminders may be necessary.

  1. Train employees in email security.

Employees play a crucial role in keeping data secure through email. They should be trained on what types of behaviors to refrain from and what types of emails to avoid. Unfortunately, according to InfoSight, nearly half of all companies spend less than 1 percent of their security budget on programs that train employees on how to be aware of security threats. Yet 64 percent of organizations experienced some level of financial loss due to computer breaches and 85 percent detected computer viruses. Wouldn’t it be worth the low cost of training to mitigate the potentially large cost of a hack?

Specifically, employees should be trained to comply with the following rules:

  • Never open links or attachments from unknown persons.
  • Don’t respond to emails that request a password change and require you to divulge personal information—no matter how official the source appears.
  • Ensure antivirus and anti-spy software is updated on your computer.
  • Encrypt any emails containing sensitive data before sending.
  • Don’t use your company email address to send and receive personal emails.
  • Don’t automatically forward company emails to a third-party email system.

In addition, some companies have found success in instituting programs that test employees with phishing campaigns, spear-phishing emails, and other cybersecurity threats and then reward them when they pass these tests.

  1. Maintain strict standards for company-related mobile device usage.

When using a company-issued mobile device, or a personal mobile device where you send and receive company emails, employees should encrypt data, keep the device password-protected, and install approved security apps so hackers cannot access devices via shared WiFi networks.

  1. Avoid common pitfalls when securing email.

Besides all of the things we’ve already discussed, email can remain unsecured in other ways as well. Be sure to consider the following:

  • All computers—not just a few—should use email encryption. There’s no point in encrypting emails unless the same standard is applied across the board.
  • Unlocked computers should never be left unattended. Make it company policy for employees to lock their computers (which should be password-protected at login) before getting up from their desks.
  • Store emails in a secure location behind a firewall. Do not allow employees to store copies of emails in their personal cloud or any other such location.

By being purposeful when creating policies involving your small business’s emails, you will head off a lot of issues before they even come to pass. Get employees on board and reward them for assisting in developing an environment where information is secure. Together, it’s possible to keep employee, customer, and business data safe—one email at a time.

Reference: Microsoft Office Blog: http://blogs.office.com/2015/05/12/the-small-businesss-guide-to-secure-email/