1. Think about what you are storing. Customers’ contact lists often contain much more than email addresses. Be aware of what data you are storing on whatever email marketing platform you are using — in particular, avoid including very sensitive pieces of data like credit card numbers and social security numbers for your contacts.
2. Protect and rotate your password. Most intrusions happen through the front door rather than through technical back doors. Your password is often the front door key, so it is best to have a strong password and change it periodically. Strike a balance: don’t make it so hard to remember that you have to scribble it on a sticky note that sits on your desk. That’s not secure either.
3. Be strict with passwords. You can set an expiration date for passwords. This ensures that passwords remain a moving target for any would-be attacker. And to prevent users from switching between only a few passwords each time they are asked to reset their password, you can enforce a password history. This ensures a user cannot reuse any single password for a certain period of time.
4. Control access. Every account in Bronto includes multiple users. You can assign per-user permissions to ensure each user only has access to those areas of your account that are applicable to their role. When someone no longer needs access, delete their user. Shared user accounts and passwords are inherently insecure and a cause of break-ins.
5. Be vigilant against phishing emails. Emails, even ones that appear to be from well-known companies, frequently contain attachments or links to downloads that contain keyloggers, Trojans, or worse. Be suspicious at all times, and closely check URLs to ensure they are legitimate. Go to the real company’s website and look for your download; don’t click through a link in an email you are suspicious of.
6. Limit the IP addresses that can access your account to your office’s IP address. Will this be inconvenient when you try to sign into your account from home or on the road? Yes, but a secure office would have a VPN to let you securely access the Internet through your work network. Read the Network Access section of this post to learn about how to do this in Bronto.
7. Ensure that your team has current versions of browsers and operating systems. Work with your company’s IT administrator to obtain the latest versions.
8. Consider using security settings for sessions (the time a user is logged in to an account). You can (and should) require a secure login session using SSL. You can set how long a session can remain inactive before it times out and logs the user out. And you can lock sessions to the IP address from which they originated. This setting helps to prevent session hijacking.
9. Configure various security settings for logging into the application. Each setting is described below: Force users to reset their password if they haven’t logged in for a given period of time. You can set the limit for failed login attempts and lock out users who exceed this number, requiring an account administrator to unlock