Once hackers have your information there are a number of ways to access your accounts.
With enough information, a determined hacker can gain access to your accounts.
Phishing – acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication
Man-in-the-middle attack (MITM) – attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.
Session stealing(cookie hijacking) – exploitation of a valid computer session (session key) to gain unauthorized access to information or services in a computer system. … theft of a magic cookie used to authenticate a user to a remote server.
Keylogging (Keystroke logging/keyboard capturing) – recording (logging) the keys struck on a keyboard, typically covertly.
Social Engineering – psychological manipulation of people into performing actions or divulging confidential information
Hacking your computer – malware planted on your computer allows hackers complete access to your data
If a hacker has access to your computer you need to have it cleaned.
Doesn’t SSL Secure My Email?
Using SSL for your email provides security between you and your email host.
Prior to SSL (Secure Socket Layer) emails were sent in plain text from your email client like Outlook to the host server.
Google’s chart below shows that most email to and from Gmail in the America’s uses SSL.
SSL is helpful but it doesn’t keep anyone with access to the server from reading your email or necessarily guarantee that it will be transported to the recipient via SSL.
Client-side SSL is a step in the right direction but encrypting you email is much more secure.
Using SSL and SSL Email Setup?
If you want to check whether you are using SSL you can use Comcast’s guide to interrogate various email clients.
If you need to setup an email account to use SSL you can contact your provider or Google setup “Provider Name” email.
“Provider Name” is the provider who sends you a bill each month.
Implementing Secure Email
We encrypted email for our clients back in the late 1980s but it was tedious to setup and use.
Consequently, secure email was not considered a priority and seldom used.
We need encryption to ensure that sensitive email is not compromised.
This requires some inconvenience on the clients but it’s the best way to secure our email.
HIPAA Compliant Email
With the advent of the HIPAA (Health Insurance Portability and Accountability Act) companies have become more security aware.
If you send sensitive email or work in the medical industry you may be required to secure your email or face penalties.
The Health Insurance Portability and Accountability Act (HIPAA), sets the standard for protecting sensitive patient data. Any organization dealing with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.
HIPAA compliance requires partners to sign a Business Associate Agreement (BAA).
HIPAA Compliant Hosts
GoDaddy and other hosts offer HIPAA compliant email.
GoDaddy was the least expensive of the providers we found using Exchange email.
HIPAA COMPLIANT EMAIL
HIPAA requires health care providers to ensure that their business associates will safeguard Protected Health Information (PHI). If you are interested in emailing with your patients, or sending any patient data through email, you need to be sure that your email is protected in a HIPAA-compliant manner.