Mastodon

10 email security fundamentals for everyday people

A couple of weeks back, this bloke hit the news when his private emails were leaked and disclosed that he was fond of, shall we say, a very “colonial” vernacular when it comes to talking about our indigenous people:

University of Sydney Professor Barry Spurr

That he is (was?) a professor at a university would normally suggest that he’s a pretty switched on guy, but the evidence is clearly to the contrary.

Speaking of people we’d normally assume to have above average intelligence, you’d probably not expect a Senator to offer a foreign athlete a handful of taxpayer funds to travel over here and then suggest that he be “compensated for the long haul, sexually of course”:

Senator Nova Peris

But here we are; otherwise smart people with dumb email habits. We don’t know exactly how dumb as we don’t know exactly how the emails were “leaked”, but we do know plenty about how everyday people should be securing their emails. I had a bunch of them in the news today plus this piece that just went to air on Aussie TV:

Let me share some more fundamentals on how to keep bigotry and extra marital affairs private or for those of you with more common sense than a professor and a senator, how to keep every day personal communications out of the hands of others.

1. Think before you forward or CC

Unlike a puppy, email is forever. Once you send it, it’s gone and there’s no guarantee of getting it back, even when you “think” both parties have deleted it. You never know who will intercept it (hi NSA!), you never know where it’s been backed up to nor where it’s been stored offline in the case of disaster recovery (for example, tape backups). The only safe assumption is that it will exist forever and be irretrievable because that just may be the case.

2. Be cautious of auto-complete and triple-check mail recipients

I was involved in a lovely to and fro with a bunch of people about a commercial project just the other day. They discussed matters of a financial nature and other sensitive corporate secrets. They copied the wrong Troy. It took them a dozen “reply alls” to realise. This is dead easy to do when the email client auto-completes names and even easier to do when you’re on a mobile device using your stubby fingers. Always, always check you’ve got the right recipient, particularly when the message is sensitive.

3. Use a strong, unique password

Email is the skeleton key to your online accounts. Once an attacker is in there, it’s game on for every other online asset you have from shopping to social to banking. “Strong” means a combination of letters (upper and lower case), numbers, symbols and above all, not guessable (passwords with names and birthdates are key culprits). Unique is just that – you haven’t used it anywhere else. Ever. Ideally, get a good password manager like 1Password because ultimately, the only secure password is the one you can’t remember.

4. Use 2 factor authentication

When all that is between you and an attacker getting into your account is a single password, you’re running a risk that is far greater than what you need be taking. A password is one factor – “something you know”. Now if we add something you have such as your mobile phone and the email service verifies your identity when you first log on by sending an SMS to that thing you have, the security position of your email changes fundamentally. It’s easy to set up too: here’s how to do it with Gmail, here’s how to do it with Microsoft and while you’re there, do Twitter, Facebook, eBay etc. (Incidentally, you may see the terms “two factor” and “two step” used interchangeably and whilst there are differences, they’re generally intended to mean the same thing – a password and a token or SMS on something you have.)

5. Email is not a secure storage facility

If ever you needed evidence that your email is “read” by others, look no further than the fact that Google goes through your mail in order to target ads at you. Do not store passwords in email. Do not store personal financial information in email. Do not store the fact that you’re cheating on your husband and using your political influence and taxpayer dollars to carry on an affair with an overseas athlete in email. Even when you have a strong unique password and two factor authentication, apply the “defence in depth” mindset and don’t take the risk of storing this stuff in your inbox.

6. There’s always email encryption, but it’s rarely user friendly

There exists such a thing as encrypted email and you can indeed secure the contents of the mail between the sender and the intended recipient. Software such as Gpg4win goes some way to making email encryption more accessible, but it’s not often used outside those in technical circles protecting extra sensitive messages or journalists offering sources a secure way of communicating with them (for example Ben Grubb publishes his PGP key). The problem remains a lack of native support across consumer email services and the fact that even in the presence of more secure alternatives, sex talk online or racist rants are rarely preceded by the sender fully thinking through the ramifications of their actions.

7. Your corporate email is not “your” email

You know that email address of yours that’s me@myemployer.com? Yeah, that’s not yours but you knew that already because you carefully read through all the lengthy employee indoctrination material, right? Treat corp mail as just that – the mail of the corporation – and always work with the assumption that they have access to all of it, whether they be legally entitled to it in your jurisdiction or not. It exists on their machines, it transits through their networks and they usually have the legal right to intercept and read it.

8. Email rights management tools are not fool proof

More advanced email services (usually within a corporate or government environment) sometimes offer facilities to help protect sensitive information from risks such as the email being forwarded or printed. Features like Microsoft’s Information Rights Management can be great for protecting discussions about corporate strategy, but they won’t stop your co-workers from thinking you’re a racist idiot and taking a photo of your email on their screen. It is safer not to be a racist idiot via email and even safer again not to be one in the first place.

9. Take your illicit love affairs onto a separate email account

Yes, yes, I know it’s wonderfully convenient to be able to email your mistress from the same account from which you email your wife, but it’s not real smart. The ethics of this behaviour aside, mixing communications that are highly sensitive alongside everyday chatter is fundamentally risky. Keep it off in a separate account with separate credentials and preferably with a separate provider. Keep it focussed on the one mistress (or other highly private equivalent) and use separate accounts if you’re crazy enough to have multiple simultaneous affairs.

10. You cannot lose what you have not sent

This position is often referred to as “victim blaming”, that is it’s a dispersion cast at the accuser for saying it’s the victim’s fault for having sent the mail in the first place. But take the emotional catch-phrases out of it and the fact remains that if you don’t send it, you can’t lose it. Same deal with nudie pics – if you don’t take them then they can’t end up being shared on the web. I prefer that approach to the potential embarrassment which then grants me the ability to use a righteous phrase in my defence, but perhaps that’s just me.

Security Speaking
Tweet Post Update Email RSS

Hi, I'm Troy Hunt, I write this blog, create courses for Pluralsight and am a Microsoft Regional Director and MVP who travels the world speaking at events and training technology professionals