editione1.0.0
Updated October 9, 2023Now you have an email domain set up, it’s time to ensure your email is protected. Whether it’s brand new or you set up a business email domain in the past, you can revisit these steps:
Set a strong password policy.
Require 2FA for all users.
Provide a password manager to your team.
Disable the use of insecure third-party apps.
Turn on message scanning.
Disable automatic forwarding.
Turn on basic logging.
Prevent your emails from being labeled as spam and identity misuse.
We’ll now walk through each of these steps. The theme we are going to follow is “setting up email so it is secure by default.” This means security is on and protecting you, your employees, and your domain without having to take action yourself. This is ideal to save time and avoids requiring technical skills to understand what is going wrong if something bad does happen.
You aren’t a security expert, and that is OK. It is kind of like paying an accountant to take care of tax filing or accounting needs. You could probably do it if you tried—but why spend the time? We can set up your business email accounts so a few steps are taken up front to protect it, and you don’t have to think about it much after. You can trust your business email provider to do it for you.
At this point, we assume your business email domain is set up, and you have your own administrator account. Now we need to make sure when your employees log into their accounts, they can set everything up safely.
Most major business email account providers will already have strong rules that users have to follow when making their first password. These rules are password characteristics like numeric, alphanumeric, upper-case, lower-case, and special characters. Those of us with scar tissue from old, enterprise workplaces might remember needing to reset your password every 90 days too.
Times have changed, even if the old enterprise workplace password policies have not.