Are your Business email users TFA secured?

In today’s email age, the biggest challenge that most companies face is data security. Therefore, it remains the top priority across all organizations.

TWO FACTOR AUTHENTICATION

At Rediffmail Enterprise, we have made some modifications to the security features that make your business email more secure. The unauthorized access to email accounts is the major concern raised by most IT administrators of organizations today. This breach is usually caused when users access their email accounts on public Wi-Fi platforms or set the same password for more than of their email addresses, social networking accounts, e-commerce site profiles, other online profiles and so on.

Our team performed a thorough analysis of the data based on the issues faced by the administrators and rolled out the Two Factor Authentication (TFA) feature within the current interface to address the security concerns. TFA is a technology to ensure that only the genuine owner of the account is allowed to access it. When TFA is enabled for a user, the system sends a four digit pass-code to the user’s registered mobile number. The user can only access the mailbox if both the password and pass-code are verified. The TFA also ensures that only the verified user can make security changes to the account like changing the Password and using add Auto-Forward feature.

How to enable two factor authentication for my domain?

As an administrator, you can enable TFA for the entire domain or selected users by clicking on Domain level management within the admin panel and further clicking on ‘Feature Access Restriction”.

What happens if user have not specified his mobile number?

The user must add mobile number to the account for enabling the TFA feature as it needs a registered mobile number to send the pass-code. If user has not specified his mobile number then TFA will not work for him

Does TFA works for international mobile numbers?

A pass-code would be sent to user’s mobile even if the user is based out of India. Activating this feature will surely assist to keep your business email more secure. We are also continuously looking to enhance our current email solutions with more and more advanced features.

Button-KnowMore

Inhouse or Cloud mail? What should a IT manager choose?

For many organizations, IT is not their core competency; let alone managing email services. Business emails are their critical support mechanism. Most of the times, organizations who have setup in house email services underestimate email’s full cost to their organization.

In-house Email Solution

The cost of in house email is not just limited to licensing and hardware cost. It includes costs of staff, maintenance, storage, archiving, mobile email, etc.

  1. Maintenance and support
    To calculate actual cost of software licenses, one should also include annual maintenance and support cost along with installation charges. Software up gradation costs are also significant and should be included in software licensing costs.
  2. Storage and archiving
    With mailboxes size increase and accumulation of attachments over the period, the cost of storage soar rapidly. Along with this archiving, business continuity, e-Discovery, and regulatory compliance add significant cost to email.
  3. Staffing cost
    For In house solution, you need have dedicated team to manage the operations. The resources are needed not only for general email administration but also to maintain sanity of servers and network, block SPAM and virus attacks, monitor hardware against failure, install latest patches or upgrades on servers, build redundancy in system etc. Each of these tasks needs a skilled resource who understands the mailing solution from end to end.
  4. Hardware cost
    The hardware cost is not limited no of servers or routers. The biggest contributor to hardware cost is the power and data center cost.
  5. Redundancy
    In house email solutions are not scalable easily. To add new users in system, administrator needs to scale up multiple systems such as data storage, servers, ancillary services such as anti-spam, backup and archiving, etc. To avoid last minute hiccups administrators, configure all these services in excess thus introducing redundancy in system. Also for business continuity, IT administrator has to make sure that they have redundant infrastructure in case anything breaks up.

If we consider all these costs for managing in house email services, the actual cost of email per user increases at least four times the cost of one email license.

Benefits of Hosted E-mailing Solution

In hosted mailing solution, customer need not to worry about the email infrastructure and its maintenance. The benefits of hosted mailing solution go beyond cost,

  1. Scalability
    Using hosted mailing solution you can rapidly add new users. You don’t have to waste time in procuring licenses, provisioning mailbox space or setting up email accounts. Also hosted mailing solution can cope up with sudden increase in inbound or outbound email traffic easily.
  2. Always up to date
    The hackers and spammers are continuously inventing new techniques to invade into your mailing system. If your mailing system is not upgraded with latest security patch or upgrade, it can cause heavy damages to your business critical information. Rediffmail Pro email solution is always up to date with all the security updates and you don’t have to worry about security of your email data.
  3. IT resource management
    Cloud email service provider is managing your email solution, you can allocate valuable IT professionals to more business-centric projects. The opportunity cost of running email on-premise is that your staff must spend time on email support, rather than revenue generating projects is quite significant.
  4. Secure email service
    The reason for which most of the organizations opt for in house email solution is that they are worried about their data security and control over hosted email service. However, with cloud email service provider the data is transmitted using secure channel and moreover it is stored at a secured premises. Also hosted email solution provides inherent redundancy which makes sure that the data is replicated. Also you can control unauthorized email data transmission by defining user level restrictions and policies for their email usage.
  5. Access to open technology
    In house mailing solutions binds you to proprietary technology and protocols. This limits the access to advanced technology or devices. Even if the in house mailing solutions have a application to integrate with different devices or software, it comes with huge licensing cost. Hosted email services brings in value from the open world, which gives the business an IT edge to integrate with free clients and applications like Thunderbird, ERP systems etc. With open technologies, you could use any Android based phone/ pad/ tab, iPhone, iPad, to get seamless access to email, calendar and address book, while on the move. A possibility like this allows the field force to be more connected to each other and not just the top management.

7 benefits of professional email for your business

Still using a free email ID for your business? See what you miss if you don’t have professional email addresses like yourname@companyname.com :

  1. Stand out from the crowd, or more precisely from a flood of anonymous free email users in the inbox of your clients.
  2. Get instantly recognized & remembered as the person representing your organisation, from the domain name in the email ID, regardless of the fact that they have never met you.
  3. Be trustworthy with email from your own domain with website as compared to a suspicious & anonymous free mail ID user who could be a scammer or a phisher.
  4. Get the professional identity, as they say, the first impression is the last impression, which in this age of limited attention, is more important than ever.
  5. Build & promote your own brand credibility with every email address and with every email with your branded signature, as compared to promoting a free mail brand.
  6. Seem Bigger and Organized by having separate email addresses for info, sales, support, billing, feedback, account, career, contact etc
  7. Get better data Security & privacy features to take full control of your email management as compared to being susceptible to continuous attacks being a freemail user.

Rediffmail Enterprise provides business email on the cloud to Small Businesses, that comes with freedomain, free website to showcase your products or services and free email app for your mobile.




7 reasons to choose web-mail over desktop-mail

Webmail are web-based email accounts, usually operated from a website. Webmail for business allows the users to access their emails on their own domain and admins to control & manage their company email on the cloud. Gone are the times when webmails used to be a reduced version of the desktop email client. Now many webmails for business have developed far beyond the desktop email counterparts.

Here are our top 6 reasons to switch to Webmail :

  1. PROFESSIONAL EMAIL MANAGEMENT
    Small businesses to big corporations, manage their emails professionally at their own domain : Add/Delete users, Change password, Apply restrictions to incoming & outgoing mails & it s attachment by size or type, Create & manage mailing list /groups, White List domains, Manage visibility of shared Global address book, Block Sender – all the tools needed to protect your company’s interest from the cloud based admin panel. But more user ids as your business grows.
  2. ACCESS ANYWHERE, ANY DEVICE
    Having email in one location only is not an option. Unlike a desktop client email client, you can access your emails anywhere without ever worrying about syncing anything, simply need you to log in, and the rest is done. Any computer or phone from anywhere in the world, is as good as your PC when you check your email. A good webmail will allow Complete sync & Seamless access of email, calendar & contacts across devices & applications – like Desktop mail client, webmail, and any mobile phone or tablet. You can also get a downloadable Mobile app that works on most phones and tablets. Admin can Block mobile email access on when employees leave organisation remotely!
  3. NEVER DELETE A THING
    Auto-Save large volumes of incoming & outgoing emails in huge mail boxes of storage capacities upto 25GB and with total email attachment size of upto 20MB per email, without worrying about backing up your older ones and no reason to worry about clearing archives or folders to accommodate new incoming mail. If you rely on old messages to get things done, you dont need to painfully go through the list to find one when the time comes. Auto-save and intelligent search feature helps retrieve pretty much anything we need in email. Save your precious time and save yourself from headaches with the right webmail service for your organisation.
  4. STAY ORGANIZED AND WORK EFFICIENTLY
    Organization is a breeze because appearance tends to be “cleaner” when using web-based email options, unlike the messy “indented” look that desktop clients. Not only can some Webmails do pretty much everything that s desktop client can do, but can even do MORE. Organize your mails in folders to find them easily or create filter to have the mails automatically delivered to the folder. Set Auto-save IDs, Auto-forwards, Auto-responders or vacation mails, HTML signature etc
  5. MANAGE MULTIPLE EMAILS IN ONE BOX
    Pull all your mails from multiple accounts (e.g. Gmail, Yahoo! Mail, VSNL or POP accounts) in your one single mail account. You can choose the appropriate “sender” to keep it personal or professional, depending on your receiver.
  6. OFFLINE ACCESS
    The need to access your email offline is slim because wireless access is practically available anywhere. However, some desktop clients persuade themselves to stay with Outlook because they are allowed offline access. They may not know this, but Rediffmail Enterprise offers offline access too!
  7. OTHER REASONS
    Desktop email clients take time to install and configure, and it will definitely not be worth installing a desktop email client in order to track one email account and it is tied to an OS (such as Windows, Linux or Mac). Syncing between multiple computers and devices can be problematic and it is a pain to learn how to use one more software program. Plus you might not want to keep your mail data on the computer you are using. Webmails need no installation as cloud apps are rendered in browser and not tied to any platform. Its easy to use, just log in to your web-based email account from anywhere, any device, without worrying about conflicts and synchronization, keep all your email data off your computer and entire email software updated automatically by the email service provider. And the Users & admin need to have the technical knowledge because the email service provider is responsible for maintaining them.

In conclusion, Webmail means more easy-to-use, convenient, flexible, efficient and effective email service and it caters to a number of needs a desktop client cannot meet. Rediffmail Enterprise offers email access from the web, on your desktop, phone or any other device at an affordable cost for Small, medium & Large Businesses.

14 point checklist to Business email security

In a world of constant changes and increasing access points, transmission and storing very sensitive user mail data has huge repercussions if this data gets into wrong hands and hence businesses small or large, will also need to keep upgrading their IT security measures. The best of the Enterprise Cloud email services and solution providers are constantly working to enhance the security measures, built all the services and applications to comply with highest security standards, fortify security infrastructure to mitigate the risks even at granular levels and have some of the most advanced Security Features, which can be applied as per your company IT policy by the admin over the cloud.

Here a few must haves that you could check before you make your decision to go with any Email service provider :

1. Secured transmission :

Secured transmission is an inherent requirement of any business email – secure login to mail service via ‘HTTPS’ ensuring no unauthorized entity can intercept mail data across all access points. Ensure Emails and the attachment encryption of incoming & outgoing mail data.

2. Secure storage :

Storage at secured locations at multiple data-centers in proximity to the international internet landing stations to reduce latency and most reliable power supply, equipped with bio-metric scanner, surveillance cameras and guarded 24x7x365 and multi-level checking to ensure only the authorized personnel have access to storage location

3. Security Vulnerability detection :

Automatic vulnerability detection systems foil hacking even before the process starts, blocking access to mails, if any deviation from standard email usage is detected.

4. Security audits :

Security systems be up-to-date with latest security patches and audited by third party tools to ensure no vulnerability is left.

5. Virus & Spam protection :

Inbuilt antivirus of zero virus outbreak capability and real time new virus definitions Multi-layered spam protection with advanced mail filters, and custom spam setting for individual & entire domain whitelisting & blacklisting.

Here a few must have features in your cloud based admin control panel, before you make your decision to go with any Email service provider :

6. Password Policy :

Effective password policy prevents passwords from being hacked, guessed or cracked by a cyber-vandal and cause severe damages – entire customer database might be deleted, mess up your inventory, critical data posted onto the Internet, steal your customer list, customer’s credit card numbers. Password policy feature must allow to set length, complexity and expiry (typically for a period for 15-30-45 days). User gets an alert of expiry & should change password, incase he is unable to do so IT team can reset password via email admin.

7. Mail Access Restriction :

Mail Access Restriction feature allows administrator to control users access to mails through multiple settings. Prevent people outside your network from accessing your email by restricting users to access mails only from allowed network/IP. Restrict certain users from accessing mails outside your company network or allow them to access mails only via secure channels wiht reference of protocol. Control user mail access from more than 10 channels like HTTP, POP3, IMAP, SMTP, WEB etc

8. Incoming And Outgoing Mail Restrictions :

Protect inflow and outflow of mail data by framing suitable policies. Restrict incoming/outgoing of mails from/to unwanted domains from the cloud based admin panel. Once the restrictions are applied, the User will no more be able to receive mails matching the conditions specified by you. e.g. @xyz.com or abc@xyz.com.

9. Incoming And Outgoing Attachment Restrictions :

Framing suitable policies on the attachment and send-received mails from a domain or an individual. Admin can block sending/receiving of unwanted/suspicious attachments like exe, cab, etc. On applying restrictions, user will not receive or sent mails of similar attachments. Admin can also restrict the file size as per the business requirement of each user or on the entire domain, to ensure just enough transfer of email data via attachments.

10. Auto-Forward restriction & monitoring :

Disabling of auto-forward must be set by Admin to all or required users. For those who are allowed to auto-forward, Admin can check Auto-forwards set by user.

11. Two Factor Authentication :

Two factor authentication is enforced on all the users having valid mobile numbers by default. Every user with valid mobile number will be challenged with extra authentication in form of mobile code while logging in to webmail. TFA is also triggered when user changes his password, change the password recovery info or sets an auto forward to his account..

12. Mail Monitoring :

Do you have managers of group of users dealing with information critical to your company and worried about the mail activity of those users? Sweat not, Prevent mischief and control the quality of mails send and received by email users of your company’s various teams by setting up mail monitoring for those accounts. The users would not get to know that they are being monitored and the monitoring manager would be able to see all mails sent & received by the group of users in a single stream.

13. Proactive ID protection :

Attempts to compromise account credentials have been on an exponential rise – with situations like spurious login attempts, identity thefts, etc. Rediffmail Enterprise IDProtect has been built to protect proactively in real time and act as a shield against most type of access frauds. It is a self-learning engine that uses sophisticated algorithms to map every users legitimate access patterns. IF IDProtect detects any new access pattern (from a new location or new network), the notification sent will have details of Service (Web, App, SMTP, POP3, IMAP) & ISP. Aberrated access patterns are intercepted real time & are red flagged. Users are then notified to Allow or block such access requests and the system will Whitelist or Blacklist them. For any unknown access, it is recommended to change password immediately & disinfect all devices using standard anti-virus/malwares. Admin can monitor all notifications sent to his users using Admin Panel & can also Block or Allow access on behalf of users.

14. Email Spoof protection :

Email Spoofing scamsters send email to your users from an anonymous proxy using your own domain. Emails sent using a good email service provider’s SMTP are signed using DKIM technique. If intended for internal (same domain) users, then DKIM signature can be verified on receipt & delivered in inbox and mails failing to verify will be considered as spoof. Emails sent using SMTP of other Service provider (using third party system like Payroll, CRM, Email Marketing, etc) may not be signed using DKIM, and could create a problem as Legit mails will be identified as Spoof. To avoid the same, SPF (Sender Policy Framework) record must be added in your DNS along with IP address. SPF is a system to help domain owners specify the IP addresses of servers which are authorized to send mail from their domain. Recipient’s mail systems can check to make sure that the server sending email from that domain is authorized to do so, to reduce the chances of email spoofing. Mail servers that accept emails, do a SPF check by looking up the SPF record of the sender. Rediffmail Enterprise make best efforts to track and block such attempts of spoofing via DKIM & SPF, among other methods.

Mentioned Features to a larger extent will help prevent cases occurring due to spam/compromised accounts, Other than this it is also noticed that the access/compromise can be through local network to the company via their machine, desktop, laptop or device which may be infected by a Keylogger, Malware, Spyware or another virus.

Some Recommendations to Manage IT security within your company & for your users:

  • Update all PCs on your LAN with latest service packs/security patches (This can be downloaded from respective OS website e.g Microsoft.com for windows)
  • Never subscribe- free newsletter, marketing mails or any unknown link using their official id
  • Do not open any mails/attachments sent by Unknown Senders & also not visit any unknown websites as they may affect the user machines without his knowledge
  • Do not access mails from any open/unknown networks especially WIFI networks or cyber cafes

We are sure implementing advanced features & following IT policies mentioned will help in keeping your Email Secured.

Rediffmail Enterprise is an Award winning premium enterprise cloud email solution provider dedicated to security of the highest standards providing email services to small, medium and large enterprises. The additional security features discussed above is available for admins only in the Premium version of Rediffmail Enterprise.

Button-KnowMore

The POP3 IMAP dilema

Does email jargon confuse you? While configuring your email client, did you have to choose between POP3 and IMAP. Dive in to find out about the differences between them and what suits you best.