Email is the killer app for business.
Don’t let it kill your computer.
Encrypt messages you create or forward that contain sensitive or personal info.
Use your organization’s email encryption feature to protect messages that include sensitive or personal info.
Agree within your organization how to handle the classification of messages.
When forwarding messages, can your users assume that messages from other staff members have been classified correctly, or must each user review every message they forward?
Be skeptical of every message you receive.
Be really skeptical if the message has anything to do with money, if the message has links to websites that ask for personal info or usernames and passwords, if the message requires you to take some action soon, or if it’s an automated message you’ve never seen before.
Forward messages to a technology staff member if you think they might be scams.
Be skeptical of email attachments.
… especially if you do not expect them, or do not know what they are, or they don’t seem to relate to the email message itself.
Forward it to a technology staff member if you have doubts about whether it’s good or evil.
Pay close attention to security warning messages you receive.
… messages about recent password changes, logins from new devices, security breaches and other activity. Especially if they ask you to take some specific action.
Many of these messages will be scams that want to trick you into giving up your username and password info.
Some will be legitimate and they can warn you about real unauthorized activity on your accounts.
Forward any messages to your technology staff if you question their legitimacy or wonder how to respond.
Enable warning and security messages in the websites and services you use when given the option. Especially in banking and financial services.
Don’t use cloud or Web services to exchange files too large to email.
… unless the files themselves are protected with strong encryption. Ask your technology staff how to do this.
Don’t rely on the built-in protections of third-party services like Google Drive, Microsoft OneDrive, DropBox, Box, etc.
Do not use cloud or Web services for business purposes unless approved by your technology staff. Assume that any info you store in these services will become public.
See background info on this post.
My (Un)License is incorporated herein.