The modern office cannot function without email. According to the Radicati group, a statistical employee receives 121 messages per day. In such a traffic, it can happen that, next to spam, this one extremely unwanted virus email will also be sent to our mailbox. While this is an important issue, the question of email attachment security goes much further.
Another day at work. Fresh bolded messages are already waiting excitedly in the Inbox. In the course of prioritization, you choose three or four important topics that you will deal with first, but one of them is fighting for your attention a little more fiercely than the others. There is something urgent and desperate about it. You click with concern. The author seems to be trying to keep it formal and friendly, to be authentic, but you feel that something is not right here. In the way he is addressing you there is strange confidentiality, trembling hands. You can congratulate yourself!
There is a good chance someone has tried to extort data from you and you managed to see through his intentions. The person has impersonated a colleague who urgently needs your help in finding a lost cell phone. At the same time, he tried to persuade you to click on some bizarre, out-of-context attachment that was supposed to help solve the problem. Anti-phishing training was not in vain!
The above example shows one of the “stereotypical” mechanisms of a personalized hacker attack. The work environment, especially of large institutions, is exposed to their influence extremely often. At the office, we communicate formally on a daily basis with many, often completely unknown people. In such conditions it is easier to make a mistake while browsing correspondence, as we come across a serious-sounding message from who at first glance is a trusted sender – a friend from another department, even a supervisor – but in fact is not. Fortunately, we are not defenseless in such a situation.
Technological security of email attachments
Popular email providers, including Google, have tools that prevent potentially dangerous files from being attached to messages. The giant from California mentions here among others files with .exe, .dll, .cmd extensions and several dozen others. They also offer built-in antivirus systems that automatically detect threats. Does the use of such a sieve really limit the possibility of spreading viruses? We should remember that even popular and generally considered safe files, such as .jpg, .doc or .pdf may contain viruses or malware. These types of files are a tasty morsel for criminals because, in the end, they are the most common files attached to company mail. Importantly, Google services do not scan for viruses for attachments larger than 25 MB. In we want to share larger files, for example project documentation containing unusual files, popular solutions might not be enough. There are, however, alternative dedicated tools, including Data Rooms, which anti-virus systems usually do not have such restrictions.
There is one more threat to email. Even if the files attached to the message looks safe to the antivirus, such as text documents, in their content or file properties there might be included links to infected websites, which are pretty much undetectable. Such a masked attack belongs to the category of mixed attacks, which is currently one of the most widespread practices used by hackers currently. Let’s get back to the example from the beginning of the article: the context in which the virus attachment or a dangerous link was placed can be evaluated correctly only by the recipient of the message. Therefore, we should be vigilant every time we open a message, even being aware of the presence of anti-virus filters. By the way, as far as access to file properties is concerned, in this case, too, the risk can be minimized with the help of VDR, which has a “read-only” option, thanks to which it will be possible only to display the content of the document by the recipients, without being able to view its properties.
Security of attachments - it is not just the viruses
When talking about the security of attachments in the office environment, we take into account not only external threats, such as the cases of infections described above, but also, and perhaps above all, protection of the confidentiality of attachments that we share. Can an unauthorized attachment we send be captured or its contents previewed? Are we sure that in the course of a multi-threaded conversation with many recipients we will not make a mistake and will not send or otherwise provide a sensitive file to an unauthorized person? Data confidentiality can be compromised in many different situations.
E-mail service providers provide appropriate protection tools for both e-mail correspondence and files. All communication is most often encrypted and most often it is only by getting the login and the password to the mail appropriate email account that an unauthorized person can reach the data. We write more about the security of cloud solutions in the article: “Cloud data storage and file security”. The issue of good practices of handling the attachments remains open. Once again, its value turns out not to be overestimated.
Email, which is not a dedicated tool for sharing confidential information, leaves a lot of room for human error. Dedicated data sharing tools give you much more control over what we send and to whom. In the case of sending confidential data, it is once againg worth using the Virtual Data Room offer, which guarantees the security of attachments (or simply files) both from a technological and functional point of view. It eliminates many inconveniences associated with email.
Use VDR features to your advantage
In addition to the already mentioned “read-only” mode, which allows us to display the content of documents and blocks the ability to save the file or copy its content, there are a number of additional options. With the help of the VDR system, we can share any type of file, while maintaining full discretion as to whether a given file can be downloaded to disk and who can do it. The recipient’s permissions can be modified at any time, so we can block access to the file in the event of a mistake. Therefore, we can “undo” the sending of a file. And a number of settings can further facilitate and organize communication with many recipients. Email does not offer this level of information exchange control. We write more about the secure exchange of files and documents in the FORDATA system on the security page.
For nearly fifty years of the existence of email, business community has created an email etiquette that regulates security issues and at the same time determines the company’s image. Over the decades, however, tools dedicated to specific processes run by enterprises have been created, too. They have become a new standard on which both the level of information and online user protection, plus the level of professionalism of the company, will depend.
Did you like the article?
How many heads, so many ideas. That's why each of us contributes to making the content on our blog attractive and valuable for you. Discover a source of knowledge and inspiration for your business with Fordata.
Do you want to exchange knowledge or ask a question?
Write to me : #FORDATAteam page opens in new window
01 . Cloud data encryption - what to know before choosing a provider?
Technically and practically speaking, all popular cloud-based tools are securely encrypted. In fact, this means that we do not have to worry about the problem of data encryption…
02 . Can Microsoft One Drive or Google Drive replace VDR?
Can Microsoft’s and Google’s Drive replace VDR? Popular storage clouds are convenient but can they provide the same level of security?
03 . Cybersecurity - what should companies pay attention to?
Entrepreneurs today look at remote work without fear, although many could not imagine effective work outside the office earlier this year. The pandemic proved that…
04 . Flexible office - how to respond to new needs?
Companies have returned to offices with new needs. Entrepreneurs are starting to look for flexible rental models thanks…
05 . How to black out text in a PDF document correctly?
Document redaction has many faces – it may turn out that overwriting of the text in our document, which at first glance looks…
06 . Safe cloud and the user - a marriage of convenience
According to a report on cloud computing prepared by McAfee, up to 87% of the companies surveyed believe that…
07 . Rules of Safety Policy in FORDATA VDR
The FORDATA team is aware that even well-secured infrastructure has no chance against any infection resulting from human error.
08 . Dropbox security - what should your business know?
Dropbox makes collaboration and sharing of documents easier but is the platform secure enough for our company to process confidential information with it? What to…
09 . Fake software aggregators – how to identify them?
Fake software aggregators and Virtual Data Room industry. See how developers try to deceive their customers with fake software comparison websites.
10 . Cloud Data Storage And File Security
The internet has become a common thing in companies’ lives. The enormity of dedicated services, fast transfers and increasing mobility…
11 . FORDATA wins the 2019 Premium Usability and Rising Star Award
FORDATA has earned the prestigious 2019 Premium Usability and Rising Star Award from FinancesOnline, a popular B2B software…
12 . Due Diligence audit using Virtual Data Room - security in your company
The process of sharing confidential information can be greatly improved by using Virtual Data Room. Preparing for an audit?
13 . What is electronic data repository?
What is electronic data repository and why to use it? Maybe you already do? Read about the features and advatnages of a good online repository.
14 . Safe alternative to Dropbox in Due Diligence
Why should I pay for VDR when I can use Dropbox?’ – our clients ask this question sometimes. Yet the answer is not that straight…
15 . FORDATA recognized with 2 IT Security Software Awards!
FORDATA got Two Awards through a renowned organization FinancesOnline, a fastest growing independent review platform.
16 . Virtual Data Room: Everything you need to know
What is a virtual data room? What benefits can we achieve by using the system in merger and acquisition transactions?
17 . GPG standard - a word on encrypting confidential data
Some users want it 101% safe. If the files we share via cloud services really need that extra layer of protection, encrypting them with a GPG standard might be a good idea.
18 . How can we help you with Due Diligence?
Time plays a major role in M&A transactions. Even the smallest improvement that saves time needed to prepare and perform Due Diligence…
19 . VDR in due diligence process
M&As are a permanent element of the economic world. Their goal is to achieve strategic and financial benefits by expanding markets, diversifying products and production processes.