Want my podcasts and blog posts delivered to your inbox? Click here to subscribe

To listen to the podcast version of memo click here —> Podcast Version

This memo is for business owners whose staff members have email accounts used in their business. 

Imagine one of your vital staff’s email accounts is no longer available. 

Imagine the entire history of those emails was gone. This is a disaster and it is something that happens to business owners far too often.

There are different levels of email security.

Staff email systems can be linked to your website. For example, I might have staff1@chriswhalencpa.com or chris@chriswhalencpa.com. Having emails directly linked to your website is a more secure way for you to maintain control over your company’s email data being used by your staff.

Some people use GMail Workspace, which is a hybrid type that is linked to your domain but using GMail. 

Others just have their staff create their own email accounts, using GMail or Yahoo for example. This is the least secure method and I strongly advise against this. 

A side note here about the dangers of emailed and website based virus attachments and ransomware. You want to be especially wary of your staff using insecure and personal email accounts on your company’s network and also want to forbid personal web browsing. There are email attachments and websites that can bring down your entire computer network. I urge you to do what I have done at my office. On my systems, there is no personal web browsing, and the only emails that can be accessed are the ones I create and control. 

Make sure your computer networks are protected from outside hackers as well. 

Now, back to staff email security.

Make sure that your staff business email accounts are never used for any personal communication. Your staff needs to have a personal and separate email for that.

When a GMail account is set up, recovery information is entered such as a phone number or alternate email account. This is used in case a password is forgotten. 

For any staff member’s email, your information, phone number and recovery email, must be what is entered or you may never be able to recover those emails. 

Quick example. Staff member quits and refuses to give you the current email account password. They originally set the email up, so the recovery email and phone number that GMail has is THEIR information. So, when you attempt to recover that GMail account by clicking on FORGOT PASSWORD, the GMail system will be sending text messages and emails to your former staff member to attempt that recovery. We can see what a terrible position this puts you in, especially when you have a disgruntled former employee who is not cooperative. You are permanently locked out and those emails, that are vital to your business, are lost forever.

You are at the mercy of a former employee who, for some reason, does not want to help you.

What if you do get access, only to discover that they deleted all of the history? We can all see that this system is insecure and a new one needs to be instituted ASAP. With generic GMail accounts, there is no way to recover emails and history that have been permanently deleted. If you don’t have a backup readily available this would be a disaster for your business.

Too many business owners are using insecure email systems for the staff emails. If you are one of them, please take my warning seriously.

I want to urge all business owners to immediately do an inventory of all company related email accounts. If any of your staff is using an email they created, transition them to an email account that you create and control. 

Do this today, in fact, do this right now.

The next step is to make sure you have all of those emails backed up in a secure location that only you have access to. Why? Because, as I asked at the start of this memo, what if you suddenly do not have access to a staff member’s email history? What if it was deleted, even by accident? 

If you are allowing your staff to create their own work emails with Gmail or Yahoo, or allowing them to use their personal emails, I urge you to stop this practice immediately.

My suggestion is to institute an email system that is completely in your control and creates emails that are YOUR property, not your staffs’.

This email system can be linked to your company’s domain name. A more sophisticated system would include some of the safeguards I am suggesting here.

So, do you have all the login information for your staff’s email accounts? Do you test this information regularly to make sure that passwords haven’t been changed? Have you made sure that the recovery information for those email accounts is your information and not your staff member’s?

Are all of your company’s emails backed up securely and accessible by you at anytime? If not, I urge you to take action today.

Do not try to institute a new email system on your own. That would be like using Turbo Tax to prepare your own taxes. That is a complete disaster and a terrible mistake. 

There are very easy ways to protect your staff’s emails. Mirrored backups, forwarding of emails, etc. 

Make sure to use an email professional who will give you a fully documented system, including instructions for future maintenance and additions. Make sure you test the disaster recovery procedures, so in the future, you will be able to access the backups of all of your staffs’ email account easily and quickly. 

One last important point. Emails are official business documents that are admissible in court. They should be treated with that level of respect. They need to be archived and accessible on a moment’s notice for the daily running of your business and if a legal matter arises where they may be vital evidence to protect you in court.

Get my memos in your inbox by clicking here —> http://eepurl.com/7rJdT

Click here to request a consultation or ask me a question.

Please reach out to me without hesitation with any tax, business or

accounting question, and to schedule a consultation.

Tax Laws are complex.

It is very easy to make mistakes that can incur penalties.

Do you have a Tax, Accounting or Business Question?

Call Me Immediately. (732) 673-0510.

Is your CPA or Attorney

ignoring your Phone Calls and Emails?

Call Me Immediately. (732) 673-0510.

Remember,

“If We Aren’t Working For You, Then You Aren’t Working At Your Best”

Chris Whalen, CPA
(732) 673-0510
79 Oak Hill Road
Red Bank, NJ 07701
www.chriswhalencpa.com

Red Bank • Rumson • Colts Neck • Holmdel • Middletown • Lincroft • Brick • Toms River • Sea Bright • Deal • Little Silver • Long Branch • Asbury Park • Bradley Beach • Belmar • Brielle • Eatontown • Fair Haven • Farmingdale • Highlands • Atlantic Highlands • Howell • Locust • Monmouth Beach • Shrewsbury • Spring Lake • Tinton Falls • Monmouth County

#Ransomware #virus #emailsecurity #emailscam #email #smallbusinessowners #incometaxes #incometax #irs #SmallBusinessSaturday #smallbusinessowner #businessmarketing #businessowner #yearend #jerseyshore #cpa #taxplanning #Accounting #TedTalk

Print Friendly, PDF & Email