Securing 3rd Party Email

Whether you were an earlier user of AOL, a 90s convert to Yahoo, or today’s devout Gmail customer, most of us have a “personal”  email account for friends, shopping, banking, etc.  These accounts are hosted, served and maintained through a tech company.

That’s fine for personal messages, but all university business should be conducted through your university email. We have additional security in place to ensure university info stays safe. This is important to aligning our business with best practices and regulations that require archiving, record retention and reporting. It is also worth mentioning that other than a very small number of exceptions, the university doesn’t allow automated email account forwarding.

But what about my personal emails and information, you ask? Well, there are a few things you cand do to stay safer while using these services, particularly if you use that email address to reset passwords for banking, e-commerce or social media sites.

  • Turn on multi-factor authentication if the service provides it. This will provide an extra layer of defense. An attacker can’t simply guess your security question to reset your password.
  • NEVER share your password with a friend for ease-of-use. Keep separate email addresses and create a distribution list if you wish to receive incoming emails from multiple senders.
  • Consider closing accounts with email companies that have had major data breaches and did not provide details on what steps they took to ensure a similar incident didn't occur in the future. Conducting a web search will give you a good idea of which companies are most likely to keep your information safe.
  • Be sure your email site is encrypted through SSL/TLS. You can confirm this by looking at the web address. It should begin with https://.  The “S” is what you are looking for to confirm encryption is being used.