Everything You Need To Know About Security Breaches : Email And Other Social Platforms
E-mail, since its invention in the 1960s, has become popular as data communications networks and services have become more accessible. At present, it continues to be one of the most used communication tools, both in the workplace and in the private sector.
In the traditional architecture, email was hosted on the organization’s servers and was managed by its own or external personnel. With the introduction of new technologies, such as instant messaging or social networks, the scenario is different. Now the computing resources are used in the cloud provided by large technology multinationals.
Email has also grown in functionality. If before it was a simple means of exchanging text messages, now it constitutes a key part of the decision-making process of the organization, having added extra functionalities such as document sharing in the cloud, videoconferencing, surveys, multimedia, etc.
As a result of this evolution, entities have accumulated large repositories of information in the cloud. Typically, these stores are accessible with the same email credentials. The cloud stores and processes updated information, as well as historical information, of public and private organizations of any field, from small companies to large companies , passing through educational centers .
Among the most used platforms are products such as Microsoft’s Office365, or Google Suite that currently dominate the market in professional environments.
Access to online productivity platforms has also evolved. At first it was necessary to use the corporate computer connected to the intranet to access email. Now, however, it is possible to access from any device with an internet connection that we have within our reach, regardless of the network to which we are connected.
In most cases, it is no longer required to have a specific application for access, simply a web browser is enough, and a single common address for access by employees of all organizations that use the same corporate platform. This is one of the advantages of having information in the cloud, but at the same time an inherent risk of this technology.
Due to this ease of connection, and the fact that the attack surface to these systems is the entire Internet, the following threats can be listed, among others:
- Attempts to access corporate platforms by brute force .
- Access attempts through the reuse of credentials in other Internet services that have been subject to a security breach.
- Theft of credentials through social engineering attacks such as phishing, which end up resulting in the user entering their corporate credentials on fraudulent pages controlled by cyber attackers.
- Exposure of personal information by not differentiating the tools used in the work environment from the private environment.
- The data controller must adopt measures to minimize the probability that the above threats materialize. Among others, we can highlight:
- Choose reliable and guaranteed solutions and service providers , and pay attention to the configuration of security and privacy options offered by productivity platforms in the cloud.
- Establish procedures and recommendations for access to corporate mobility and telework tools , which are easily understood and executed by all members of our organization.
- Establish restrictive access policies to corporate productivity tools for personal use or from non-corporate devices . If allowed, establish appropriate security measures and information compartmentalization mechanisms that keep the professional’s personal scope separate.
- Use a second authentication factor : this is the most recommended measure when accessing online services. Online office suites usually have the possibility of not only accessing with a username and password, but also adding robustness to the authentication through a token, an SMS message or the use of an APP on another device.
- Use strong passwords : The use of passwords that are difficult to predict and that are not used in other services is essential to protect yourself from improper access. It is necessary to implement a correct password use policy in the organization. It is advisable to consult the services that inform us of the accounts that have suffered security breaches on other websites in case any member of the organization has reused their credentials.
- Check for improper accesses : correctly managing the access logs to these portals can give us a lot of information, such as accesses that occurred during hours when it should not be accessed, IP addresses geolocated in places without the organization’s presence, or constant errors access on some accounts. These traces will give us the necessary clues to know if our organization is being the object of some kind of attack.
- Check the redirects in the mailboxes : once the access credentials have been compromised, one of the first actions that cybercriminals take is to create a mail redirection rule to intervene our communications, forwarding the emails that We received. In this way, attackers can analyze the information without having to access our mailbox. Depending on the productivity platform used, it is possible to check for this threat in different ways. For example, an administrator can use this solution for Office365 . In any case, users always have the option to check if they have any rules and remove them.
Also Read : Advantages Of Teleworking