Cybersecurity Tips For Enterprises

• Oct 14, 2010

With the recent rise in malvertising, high-impact data breaches and other malicious security threats, the practices and secure infrastructure of legitimate marketers increasingly have been called into question.

As a result, the overall trust of marketers as custodians of outbound messages communications is becoming more fragile every day. In order to help stem the erosion of this trust, marketers need to take immediate steps including adoption of voluntary best practices and self-regulation to minimize security risks and educate their customers about what they can do to safeguard their communications.

Dave Lewis, CMO of Message Systems, provider of fast, flexible and holistic message management solutions, and a board member of the Online Trust Alliance (OTA) offers these cybersecurity tips for enterprises.

Amend data collection practices. This is the most important step companies can take to reduce security risks and ensure customers that they are not collecting and distributing any personal identifying information such as names, phone numbers or physical and IP addresses.

Maximize e-mail authentication protection. E-mail authentication standards are a line of defense for spam, spoofing, fraud and malicious threats. Using one solution is not enough -- two complementary efforts should be used, such as SPF/Sender ID and DKIM. Enterprises can leverage these standards to apply reputation scoring and protect users from going to deceptive sites.

Apply extra barriers to entry. In support of the OTA’s call to action for all ecommerce and consumer financial services sites to add more certification protocols, deploy Extended Validation Secure Sockets Layer (EV SSL) to help combat deceptive and illicit web sites. EV SSL Certificates are supported by all leading browsers and provide recognition for companies through an additional e-mail verification and audit process. They assure visitors to your company’s site that if they are a customer of yours they can validate that it is indeed your web site they are accessing.

Upgrade your messaging infrastructure. Today’s messaging infrastructure is outdated and ill prepared to combat the volume of threats that exist. Third-party security and encryption systems require high performance, flexible and scalable messaging platforms in order to be effective. A next generation threat protection system is essential.

Be respectful and transparent. Adhere to customer preferences for when, how and where they want to receive communications. When contacting customers, be sure the message is relevant and obey permission and privacy guidelines.

Educate the customer. Protecting end users doesn’t just have to be the responsibility of the company. Educating customers about what they can do to protect their communications online by keeping their anti-virus systems up-to-using a secure wireless network and being cautious about who they share their data with can go a long way in helping your company to preserve its reputation.

“Online trust is a fragile thing. It’s hard to earn, delicate to maintain, and requires constant renewal,” Lewis said. “Enterprises today need to not just be vigilant with their messaging security practices to prevent phishing and other data breaches, but should take proactive steps including self-regulation to protect their brand reputation.”