Good practice, Part 7: Digital e-mail signatures
It is a good practice to sign e-mail. It is as simple as that. But it's good to know how digital signatures work so you understand why you should trust them....
How to: Include more than 10 DNS lookups in SPF
I have talked about the benefits of SPF in an earlier article. It's a crucial part of e-mail security. But you can only have 10 DNS lookups in your SPF. What do you do if you hit that limit?...
The Hydro cyber attack: How you can protect against it
Earlier this week, Hydro was hit by a ransomware attack. It seems like LockerGoga was utilized by the criminals to encrypt/destroy files on Hydros computers. Even though we don't have all the details about this specific a...
Good practice, Part 6: Protect against business e-mail compromise and fraud
E-mail is perhaps one of the most important attack vectors for cyber criminals today. Companies have lost a lot of money due to e-mail compromise and fraud....
Good practice, Part 5: E-mail authentication and reporting
Most businesses send e-mail from individuals and systems to customers, suppliers, and partners. But are you sure these messages actually reach their recipients? What can you do to improve deliverability? This article will ...
Good practice, Part 3: Application control on Windows clients
Users are able to install some software without admin rights, and malware take advantage of that. In this article I'll discuss how you should mitigate that problem....
Good practice, Part 1: Password Policy
You probably heard about the password policy "industry standard"; 8 characters minimum, complexity rules and expiration after 90 days. But is this good enough?...