In early April, five companies I do business with informed me that my email address had been compromised by a company named Epsilon. Hilton, Marriott, 1-800-Flowers (thanks, mom) and two financial providers where I have amassed a combined balance approaching equivalence to my office area code, use the company for email marketing for their millions of addresses.
This Epsilon episode provokes me to ask you, “Is your email safe and sound?”
Whether you have hundreds, thousands or hundreds of thousands of addresses, they are a valuable asset. You need to keep them safe. I am not an email security expert, but Howard Globus, president of IT On Demand is. Here are Howard’s suggestions:
– Keep your computers and devices up to date – whether you use a Windows PC, an Apple computer, a Linux-flavored operating system or a smart phone, make sure that the software is up to date. New security holes are found, published and exploited every day, on ALL operating systems. Subscribe to your particular operating system’s alerts and apply updates regularly.
– Add a layer of protection between the public and private world – consider a firewall or security product to act as a buffer between your computer (or computers) and the Public Internet. A firewall, when properly monitored, kept up-to-date and sending regular alerts, will provide an early warning to potential security breaches.
– Your email password is not a luggage-lock. Your password for email (and on your computers and your firewall) should be more complex than “1234”. The most common password in use today is “123456”. Fourth on the list? “Password”. Without feeling too superior, ask yourself if you use a dictionary-based password, can your password be found in a dictionary? Or a dictionary word with a number? Jeremy12? Beach89? The more complex your password, the harder it is to crack. Consider using a password with a combination of alpha-numeric digits and an odd character thrown in. Need help coming up with a strong password? Take a look at this password generator. Remember to change your password periodically!
– Do not open attachments from unknown senders – Just like we were told when we were kids, talking to strangers may be bad. If you get an email from the USPS, UPS, Amazon or your bank with phrases like “There is a package we tried to deliver to you. Please see the attached document on how to claim your package”, pause. Services like PayPal, your credit card company or your bank will NEVER ask you to launch an attachment to put your information in. When in doubt, log on to the service through your web browser directly–not through the email attachment or link–and investigate the authenticity of the request sent.
– Don’t share your user account or password via email. Following up on the last tip, do not email your account or password in response to an email request. The vendors or institutions you are working with don’t need it – they know who you are – and they don’t want your password, as it may breach their internal security policy.
I’m guilty of at least one of these transgressions. I will mend my ways.