Are your Business email users TFA secured?

In today’s email age, the biggest challenge that most companies face is data security. Therefore, it remains the top priority across all organizations.


At Rediffmail Enterprise, we have made some modifications to the security features that make your business email more secure. Unauthorized access to email accounts is the major concern raised by most IT administrators today. Such a breach is usually caused when users access their email accounts over public Wi-Fi or reuse the same password across their email addresses, social networking accounts, e-commerce site profiles, other online profiles and so on.

Our team performed a thorough analysis of the data based on the issues faced by administrators and rolled out the Two Factor Authentication (TFA) feature within the current interface to address these security concerns. TFA is a technology that ensures only the genuine owner of an account is allowed to access it. When TFA is enabled for a user, the system sends a four-digit pass-code to the user’s registered mobile number. The user can access the mailbox only if both the password and the pass-code are verified. TFA also ensures that only the verified user can make security changes to the account, such as changing the password or setting up the Auto-Forward feature.

How to enable two factor authentication for my domain?

As an administrator, you can enable TFA for the entire domain or for selected users by clicking on Domain level management within the admin panel and then clicking on ‘Feature Access Restriction’.

What happens if a user has not specified a mobile number?

The user must add a mobile number to the account to enable the TFA feature, as it needs a registered mobile number to send the pass-code to. If a user has not specified a mobile number, TFA will not work for that user.
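The sign-in flow described above (password first, then a four-digit pass-code sent by SMS, with no challenge possible when no mobile number is registered) can be sketched as follows. This is an added example, not Rediffmail Enterprise code: the function names, the `send_sms` callback, the 5-minute validity window and the 3-attempt limit are assumptions, chosen because a four-digit code has only 10,000 possible values.

```python
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300  # assumption: validity window is not stated on the page
MAX_ATTEMPTS = 3        # assumption: attempt limit is not stated on the page


class PasscodeChallenge:
    """One pending four-digit pass-code tied to a single sign-in."""

    def __init__(self, now=None):
        # secrets uses the OS CSPRNG; :04d keeps leading zeros ("0042").
        self.code = f"{secrets.randbelow(10_000):04d}"
        self.issued_at = time.time() if now is None else now
        self.attempts_left = MAX_ATTEMPTS

    def verify(self, submitted, now=None):
        now = time.time() if now is None else now
        if self.attempts_left <= 0 or now - self.issued_at > CODE_TTL_SECONDS:
            return False  # locked out, already used, or expired
        self.attempts_left -= 1
        # Constant-time comparison avoids leaking how many digits matched.
        ok = hmac.compare_digest(self.code.encode(), str(submitted).encode())
        if ok:
            self.attempts_left = 0  # single use: a verified code cannot be replayed
        return ok


def begin_login(user, password_ok, send_sms):
    """First factor. Returns (status, challenge_or_None)."""
    if not password_ok:
        return "denied", None
    if not user.get("tfa_enabled"):
        return "granted", None
    if not user.get("mobile"):
        # The page states TFA does not work without a registered mobile
        # number; a distinct status lets an admin find and fix such accounts.
        return "granted_no_mobile", None
    challenge = PasscodeChallenge()
    send_sms(user["mobile"], challenge.code)
    return "challenge", challenge


def finish_login(challenge, submitted, now=None):
    """Second factor: mailbox access only if the pass-code verifies."""
    return "granted" if challenge.verify(submitted, now) else "denied"


if __name__ == "__main__":
    outbox = []  # constructed stand-in for an SMS gateway
    user = {"tfa_enabled": True, "mobile": "+910000000000"}  # constructed user
    status, ch = begin_login(user, True, lambda to, code: outbox.append((to, code)))
    print(status, finish_login(ch, outbox[0][1]))
```
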

Does TFA work for international mobile numbers?

A pass-code will be sent to the user’s mobile even if the user is based outside India. Activating this feature will help keep your business email more secure. We are also continuously looking to enhance our current email solutions with more advanced features.





Evolution of technology has always kept miscreants busy fishing for vulnerabilities that can be exploited. The influx of smart portable devices has only helped scamsters broaden their activity. Attempts to compromise account credentials have been on an exponential rise. IT managers have been perplexed by situations like spurious login attempts, identity thefts, etc. and are looking for proactive protection. IDProtect has been built to protect in real time and act as a shield against most types of access fraud. It is a self-learning engine that uses sophisticated algorithms to map every user's legitimate access patterns. Aberrant access patterns are intercepted in real time and red-flagged. Users are then notified and are expected to take appropriate action, such as blocking or allowing these patterns.

How will users be notified?
The user will get an email on his ID and alternate email ID, and a text message on his mobile. Notifications sent to the user’s mailbox will be informative only. Notifications sent to the user’s alternate email ID and mobile will contain a link to view details of the suspicious sign-in attempt and take appropriate action.

What should users do after receiving a notification?
If IDProtect detects any new access pattern, a notification will be sent, and it will include details of the service (Web, App, SMTP, POP3, IMAP) and the ISP. Users can allow or block such access requests. A new access pattern will be detected if the user accesses his email from a new location or a new network. On the user's acknowledgement, the system will whitelist or blacklist the pattern. For any unknown access, it is recommended to change the password immediately and disinfect all devices using standard anti-virus/anti-malware tools.
The admin can monitor all notifications sent to his users using the Admin Panel and can also block or allow access on behalf of users in case a user is unable to get notifications.

Warming up to IDProtect
Admins are requested to keep users' mobile numbers and alternate mail IDs updated in the system. Users with no details need to contact the admin for actions to be taken.
For system or group IDs, you can choose to enter your own details or common data.

The Cold Start
A newly created mailbox needs to verify every service it will use, hence it is recommended to enter a proper mobile number and alternate IDs in the system. We are sure this feature will help you keep your mailboxes even more safe and secure.
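The allow/block workflow described above can be modelled as a per-mailbox list of known (service, network) pairs. This is an added, simplified example and not IDProtect's actual engine, whose learning algorithms the page does not describe: the data model, function names and sample events are assumptions, and it covers only the first-seen check, the notification channels and the whitelist/blacklist step.

```python
from dataclasses import dataclass, field


@dataclass
class Mailbox:
    address: str
    mobile: str = ""
    alternate_email: str = ""
    allowed: set = field(default_factory=set)  # whitelisted (service, network)
    blocked: set = field(default_factory=set)  # blacklisted (service, network)
    pending: set = field(default_factory=set)  # flagged, awaiting Allow/Block


def notifications_for(mbox):
    """Channels for a flagged sign-in, following the page's description."""
    notes = [("mailbox", mbox.address, "informative")]
    if mbox.alternate_email:
        notes.append(("alternate_email", mbox.alternate_email, "action_link"))
    if mbox.mobile:
        notes.append(("sms", mbox.mobile, "action_link"))
    if len(notes) == 1:
        # No channel can carry the action link, so the admin has to decide.
        notes.append(("admin_panel", "admin", "action_required"))
    return notes


def check_sign_in(mbox, service, network):
    """Return (verdict, notifications) for one sign-in attempt."""
    pattern = (service.upper(), network.lower())
    if pattern in mbox.blocked:
        return "blocked", []
    if pattern in mbox.allowed:
        return "allowed", []
    # New pair: on a new mailbox (cold start) every service lands here once.
    already_notified = pattern in mbox.pending
    mbox.pending.add(pattern)
    return "flagged", [] if already_notified else notifications_for(mbox)


def acknowledge(mbox, service, network, allow):
    """Apply the user's (or admin's) Allow/Block decision."""
    pattern = (service.upper(), network.lower())
    mbox.pending.discard(pattern)
    (mbox.allowed if allow else mbox.blocked).add(pattern)
    (mbox.blocked if allow else mbox.allowed).discard(pattern)


def replay(mbox, events):
    """events: (service, network, decision), decision 'allow', 'block' or None."""
    verdicts = []
    for service, network, decision in events:
        verdict, _ = check_sign_in(mbox, service, network)
        verdicts.append(verdict)
        if verdict == "flagged" and decision:
            acknowledge(mbox, service, network, allow=(decision == "allow"))
    return verdicts


SAMPLE_EVENTS = [  # constructed sign-in history for a new mailbox
    ("Web", "isp-a", "allow"),
    ("Web", "isp-a", None),
    ("IMAP", "isp-a", "allow"),
    ("SMTP", "isp-z", "block"),
    ("SMTP", "isp-z", None),
]

if __name__ == "__main__":
    box = Mailbox("user@example.com", mobile="+910000000000")
    print(replay(box, SAMPLE_EVENTS))
```
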


In a world of constant change and a growing number of access points, transmitting and storing very sensitive user mail data has huge repercussions if that data gets into the wrong hands; hence businesses, small or large, need to keep upgrading their IT security measures. The best enterprise cloud email service and solution providers constantly work to enhance their security measures, build all services and applications to comply with the highest security standards, fortify their security infrastructure to mitigate risks even at granular levels, and offer some of the most advanced security features, which the admin can apply over the cloud as per your company's IT policy.

Here are a few must-haves that you could check before you decide to go with any email service provider:

1. Secured transmission :

Secured transmission is an inherent requirement of any business email: secure login to the mail service via ‘HTTPS’ ensures that no unauthorized entity can intercept mail data across any access point. Ensure that emails and attachments are encrypted for both incoming and outgoing mail.

2. Secure storage :

Data should be stored at secured locations in multiple data centers, in proximity to the international internet landing stations to reduce latency and with the most reliable power supply. The sites should be equipped with biometric scanners and surveillance cameras, guarded 24x7x365, and use multi-level checking to ensure that only authorized personnel have access to the storage location.

3. Security Vulnerability detection :

Automatic vulnerability detection systems foil hacking even before the process starts, blocking access to mails if any deviation from standard email usage is detected.

4. Security audits :

Security systems should be kept up to date with the latest security patches and audited by third-party tools to ensure no vulnerability is left.

5. Virus & Spam protection :

Inbuilt antivirus with zero virus outbreak capability and real-time new virus definitions. Multi-layered spam protection with advanced mail filters, and custom spam settings for individual and entire-domain whitelisting and blacklisting.


Here are a few must-have features for your cloud based admin control panel that you could check before you decide to go with any email service provider:

6. Password Policy :

An effective password policy prevents passwords from being hacked, guessed or cracked by a cyber-vandal who could cause severe damage: deleting the entire customer database, messing up your inventory, posting critical data onto the Internet, or stealing your customer list and customers' credit card numbers. The password policy feature must allow you to set length, complexity and expiry (typically for a period of 15-30-45 days). The user gets an expiry alert and should change the password; in case he is unable to do so, the IT team can reset the password via email admin.

7. Mail Access Restriction :

The Mail Access Restriction feature allows the administrator to control users' access to mails through multiple settings. Prevent people outside your network from accessing your email by restricting users to access mails only from an allowed network/IP. Restrict certain users from accessing mails outside your company network, or allow them to access mails only via secure channels, specified by protocol. Control user mail access across more than 10 channels like HTTP, POP3, IMAP, SMTP, WEB etc.

8. Incoming And Outgoing Mail Restrictions :

Protect the inflow and outflow of mail data by framing suitable policies. Restrict incoming/outgoing mails from/to unwanted domains from the cloud based admin panel. Once the restrictions are applied, the user will no longer be able to receive mails matching the conditions specified by you. e.g. or

9. Incoming And Outgoing Attachment Restrictions :

Frame suitable policies on attachments and on mails sent and received, for a domain or an individual. The admin can block sending/receiving of unwanted/suspicious attachments like exe, cab, etc. Once the restrictions are applied, the user will not receive or send mails with such attachments. The admin can also restrict the file size as per the business requirement, for each user or for the entire domain, to ensure just enough transfer of email data via attachments.

10. Auto-Forward restriction & monitoring :

The admin must be able to disable auto-forward for all or selected users. For those who are allowed to auto-forward, the admin can check the auto-forwards set by each user.

11. Two Factor Authentication :

Two factor authentication is enforced by default on all users having valid mobile numbers. Every user with a valid mobile number will be challenged with extra authentication in the form of a mobile code while logging in to webmail. TFA is also triggered when a user changes his password, changes the password recovery info or sets an auto-forward on his account.

12. Mail Monitoring :

Do you have managers of groups of users dealing with information critical to your company, and are you worried about the mail activity of those users? Sweat not. Prevent mischief and control the quality of mails sent and received by email users of your company’s various teams by setting up mail monitoring for those accounts. The users would not get to know that they are being monitored, and the monitoring manager would be able to see all mails sent and received by the group of users in a single stream.

13. Proactive ID protection :

Attempts to compromise account credentials have been on an exponential rise, with situations like spurious login attempts, identity thefts, etc. Rediffmail Enterprise IDProtect has been built to protect proactively in real time and act as a shield against most types of access fraud. It is a self-learning engine that uses sophisticated algorithms to map every user's legitimate access patterns. If IDProtect detects any new access pattern (from a new location or new network), the notification sent will have details of the service (Web, App, SMTP, POP3, IMAP) and the ISP. Aberrant access patterns are intercepted in real time and red-flagged. Users are then notified to allow or block such access requests, and the system will whitelist or blacklist them. For any unknown access, it is recommended to change the password immediately and disinfect all devices using standard anti-virus/anti-malware tools. The admin can monitor all notifications sent to his users using the Admin Panel and can also block or allow access on behalf of users.

14. Email Spoof protection :

Email spoofing scamsters send email to your users from an anonymous proxy using your own domain. Emails sent using a good email service provider’s SMTP are signed using the DKIM technique. If a mail is intended for internal (same domain) users, the DKIM signature can be verified on receipt and the mail delivered to the inbox; mails failing to verify will be considered spoofed. Emails sent using the SMTP of another service provider (using a third-party system like Payroll, CRM, Email Marketing, etc.) may not be signed using DKIM, which could create a problem, as legitimate mails will be identified as spoofed. To avoid this, an SPF (Sender Policy Framework) record must be added to your DNS along with the IP address. SPF is a system that helps domain owners specify the IP addresses of servers which are authorized to send mail from their domain. Recipients' mail systems can check that the server sending email from that domain is authorized to do so, to reduce the chances of email spoofing. Mail servers that accept emails do an SPF check by looking up the SPF record of the sender. Rediffmail Enterprise makes best efforts to track and block such spoofing attempts via DKIM and SPF, among other methods.

The features mentioned will, to a large extent, help prevent incidents caused by spam or compromised accounts. Beyond this, it has also been noticed that access or compromise can come through the company's local network, via a machine, desktop, laptop or device that may be infected by a keylogger, malware, spyware or another virus.

Some recommendations to manage IT security within your company and for your users:

  • Update all PCs on your LAN with the latest service packs/security patches (these can be downloaded from the respective OS website, e.g. for Windows)
  • Never subscribe to free newsletters, marketing mails or any unknown links using an official ID
  • Do not open any mails/attachments sent by unknown senders, and do not visit unknown websites, as they may affect the user's machine without his knowledge
  • Do not access mails from any open/unknown networks, especially Wi-Fi networks or cyber cafes

We are sure that implementing the advanced features and following the IT policies mentioned will help in keeping your email secure.

Rediffmail Enterprise is an award-winning premium enterprise cloud email solution provider dedicated to security of the highest standards, providing email services to small, medium and large enterprises. The additional security features discussed above are available to admins only in the Premium version of Rediffmail Enterprise.

7 Reasons to choose webmail over desktop email

Webmail accounts are web-based email accounts, usually operated from a website. Webmail for business allows users to access their emails on their own domain and admins to control and manage their company email on the cloud. Gone are the times when webmail used to be a reduced version of the desktop email client. Now many webmails for business have developed far beyond their desktop email counterparts.

Here are our top 6 reasons to switch to Webmail :

    From small businesses to big corporations, companies can manage their emails professionally at their own domain: add/delete users, change passwords, apply restrictions to incoming and outgoing mails and their attachments by size or type, create and manage mailing lists/groups, whitelist domains, manage visibility of the shared global address book, block senders. All the tools needed to protect your company’s interest are available from the cloud based admin panel. Buy more user IDs as your business grows.
    Having email in one location only is not an option. Unlike with a desktop email client, you can access your emails anywhere without ever worrying about syncing anything; you simply need to log in, and the rest is done. Any computer or phone, anywhere in the world, is as good as your PC when you check your email. A good webmail will allow complete sync and seamless access of email, calendar and contacts across devices and applications, like a desktop mail client, webmail, and any mobile phone or tablet. You can also get a downloadable mobile app that works on most phones and tablets. The admin can remotely block mobile email access when employees leave the organisation!
    Auto-save large volumes of incoming and outgoing emails in huge mailboxes with storage capacities of up to 25GB and a total email attachment size of up to 20MB per email, without worrying about backing up your older mails and with no reason to worry about clearing archives or folders to accommodate new incoming mail. If you rely on old messages to get things done, you don't need to painfully go through the list to find one when the time comes. Auto-save and the intelligent search feature help retrieve pretty much anything you need in email. Save your precious time and save yourself from headaches with the right webmail service for your organisation.
    Organization is a breeze because the appearance tends to be “cleaner” when using web-based email options, unlike the messy “indented” look of desktop clients. Not only can some webmails do pretty much everything that a desktop client can do, they can even do MORE. Organize your mails in folders to find them easily, or create filters to have mails automatically delivered to a folder. Set auto-save IDs, auto-forwards, auto-responders or vacation mails, HTML signatures etc.
    Pull all your mails from multiple accounts (e.g. Gmail, Yahoo! Mail, VSNL or POP accounts) into one single mail account. You can choose the appropriate “sender” to keep it personal or professional, depending on your receiver.
    The need to access your email offline is slim because wireless access is available practically anywhere. However, some desktop client users persuade themselves to stay with Outlook because it allows offline access. They may not know this, but Rediffmail Enterprise offers offline access too!
    Desktop email clients take time to install and configure, and it will definitely not be worth installing a desktop email client in order to track one email account; the client is also tied to an OS (such as Windows, Linux or Mac). Syncing between multiple computers and devices can be problematic, and it is a pain to learn how to use one more software program. Plus, you might not want to keep your mail data on the computer you are using. Webmails need no installation, as cloud apps are rendered in the browser and are not tied to any platform. It's easy to use: just log in to your web-based email account from anywhere, on any device, without worrying about conflicts and synchronization, keep all your email data off your computer, and have the entire email software updated automatically by the email service provider. And users and admins need not have the technical knowledge, because the email service provider is responsible for maintaining it.

In conclusion, Webmail means more easy-to-use, convenient, flexible, efficient and effective email service and it caters to a number of needs a desktop client cannot meet. Rediffmail Enterprise offers email access from the web, on your desktop, phone or any other device at an affordable cost for Small, medium & Large Businesses.

Why Cloud Based Email Solution?

Cloud Based Email

Getting a cloud based hosted email solution for your business has its own advantages:

Enterprise Email Solution provider Experts

Reputed cloud based service providers are those who have been managing the email services of large and small corporates since Y2K. Their email platform is built by reputed players from scratch, so they have complete know-how of the entire email architecture. They are part of many government and technical committees which define policies regarding email transmission in India.

Robust infrastructure

A hosted email service is built with the goal of providing reliable email and messaging services, appropriate capacity, and redundant components, all hosted within a secure data centre. A robust and redundant network infrastructure helps the cloud based email provider deliver mails with minimum latency and ensure uptime of up to 99.9%.

SPAM control

The Messaging Anti-Abuse Working Group (MAAWG) is an international organization responsible for addressing messaging abuse holistically through knowledge sharing, industry collaboration and public policy. Large players are MAAWG representatives from India and have contributed to addressing issues relating to SPAM originating from India.

Their multi-layered SPAM filtering mechanisms help filter out up to 99.9% of SPAM messages and known viruses trying to reach users' inboxes.

Enterprise grade admin control

As an administrator of emails on your domain, you can take complete control of email transactions on your domain by defining domain or user level policies and restrictions. Features such as bulk user management, password security policies, mailing to lists with controls, branding, global address book sync on Outlook 2007 and 2010, etc. are not available with most hosted email service providers. You don’t need to be certified, but it does help!

Mail on mobile
With a cloud based mobile application which works on most phones, you are able to read your mails, view attachments, and respond by replying to and forwarding mail. Your actions on the mobile, like replying to a mail, will also be reflected on your PC. Moreover, using this application you can get new mail notifications on your mobile. On Android phones, you can access your mails even if you are not connected to the internet. Using a cell provider for relaying office mails only adds another layer of complexity.

Customer support
A team of expert customer support executives provides email- and phone-based support to customers. Predefined SLAs with an escalation matrix help the speedy resolution of customer queries. It’s possible to have users lodge calls with the cloud based service provider rather than with an internal helpdesk, whose core competency may be limited and which may have time limitations in an online world where mails need to work 24*7*365.

Spends/cost/RoI/licensing/compliance/Capex vs. Opex cost

Typical cost components of on-premise email services in an office environment:

  • Cost of Hardware
  • Cost of operating system
  • Cost of storage
  • Cost of power
  • Cost of being compliant
  • Cost of operations manpower
  • Cost of security (antivirus/antispam/security)
  • Cost of having mail delivered on mobile devices
  • Cost of licensed client software
  • Cost of helpdesk to operate email

In a cloud based scenario, one has to spend only the subscription cost, which is hundreds of rupees, as compared to spending in lakhs (INR).

The only other cost could be the Outlook client software, which is normally built into the TCO of a PC when bought.

Do not get bandied about; the way ahead on the road to be taken is the cloud way. The IT department needs to align with the line of business, for a fee, with a cloud service provider, as there is no such thing as a free lunch.