- Security
Email Security Best Practices: How To Keep Your Email Program Safe
Phil Adams
• 13 min read
- Security
Session Awareness & Account Management - How Active are You?
Patrick Tilley
• 5 min read
October has come to an end, and with it, everything else associated with October like National Cybersecurity Awareness Month (NCSAM). While NCSAM might be over, security doesn't stop because a calendar month has come to a close. If it did, we'd all be having a bad time 11 months out of the year!
Here at Mailgun, we take cybersecurity extremely seriously. When it comes to our customers’ emails, a compromised account can mean compromises for their end users as well. To mitigate that risk, we develop new security protocols and measures to make sure that our customers can have better insight into their account security, as well as better ways to protect themselves from bad actors.
All that said, let’s get a better idea of what a session actually is, and for that, let’s go to the movies.
Imagine this
A session is a lot like going to the movies. You walk up to the box office (the login screen) and provide your payment information (your username and password) with the clerk (the application) to buy a ticket to get into the theatre (the platform). After that, you walk into the theatre and flash your ticket to prove you've paid to see the movie (to sign in to the application successfully). From there, you get to watch the film (i.e., collect data, reply to tickets, etc.) for a couple of hours until it's time for you to leave and go home (log out of the application).
But imagine that someone took your payment information, and suddenly you couldn't buy a movie ticket. Not fair, right? They get to use your money to buy a ticket somewhere else, and you're left kicking the dirt outside of the theatre.
DELIVERABILITY SERVICES
Learn about our Deliverability Services
Looking to send a high volume of emails? Our email experts can supercharge your email performance. See how we've helped companies like Lyft, Shopify, Github increase their email delivery rates to an average of 97%.
Compromises suck
Weird movie theatre metaphors aside, there isn't anything funny about a compromised account. It can cause a substantial negative impact on your sending reputation and leave long-lasting damage on your business, depending on what the compromiser does with the account. Plus with the increasing number of cybersecurity attacks in recent years, it is a great time to start now on being vigilant about all of your accounts, including your Mailgun account.
Monitor your sessions
In regards to the above scenario, Mailgun offers a couple of ways for you to take control and manage your account to help prevent account compromises from happening. We offer a multi-factor authentication method, session timeout preferences, role-based access control, and a shiny, new widget in the control panel that you may have already seen.
This new widget allows you to see the current, active sessions of those who have access to your account. A user can look at this widget and see when and where the last sign on occurred for a given account. From there, it can be determined whether or not the session is legitimate or a compromise. For example, a typical red flag would be seeing that someone who is typically locally signed in from a whole new country or from an unfamiliar IP.
Cybersecurity Best Practice
Need a little extra help in building your cybersecurity awareness with your Mailgun account? You can secure your account for any and all who have access to the account and maintain its security by:
Activating Multi-Factor Authentication methods and making sure others do so as well
Monitoring active sessions and reporting anything that appears out of the ordinary
Maintaining the list of those who have access to the account is up to date, and
Making sure only those who need access to the account have access to the account
Making sure those who have access to the account have the appropriate account privileges
Setting up session timeout preferences to prevent people from piggybacking off of any sessions that may still be alive
Security Improvements Happen Constantly
While this is not the peak of security options we wish to have available to you, we're always looking to create better ways to keep your Mailgun account secure. The best way to help us make that possible is to go through your account and make sure that you have everything locked down on your end. By taking advantage of all the security measures we have to offer, you're creating the safest environment for your Mailgun account. Fewer compromises mean less stress for you, and more time doing what you do best with Mailgun - sending email.
PS – We would recommend doing things like this for all of the services you use, both personally and professionally.
DELIVERABILITY SERVICES
Learn about our Deliverability Services
Looking to send a high volume of emails? Our email experts can supercharge your email performance. See how we've helped companies like Lyft, Shopify, Github increase their email delivery rates to an average of 97%.
Last updated on August 28, 2020
- Related posts
- Recent posts
- Top posts
- Security
Mailgun’s Active Defense Against Log4j
Adam Cole• 5 min read- Security
Vulnerability Management: Working With the Community To Patch Security Threats
Jesse Kinser• 7 min read- Security
3 Secure Email Gateway Holes You Need to Close
Mailgun Team• 7 min read- What's new
Catch-All Domain Support Is Now Available In Email Validations
Peter Trinder• 4 min read- Security
A Word of Caution For Laravel Developers
Nick Schafer• 4 min read- Security
Privacy Matters: Your Data Is Safe With Us
Darine Fayed• 5 min read- Security
TLS Version 1.0 and 1.1 Deprecation
Chris Farmer• 6 min read- What's new
Mailgun Just Got Better For Client Management
Chris Farmer• 5 min read- Email DIY
The Basics of SPF Records
Mary Dolan• 6 min read
- What's new
InboxReady x Salesforce: The Key to a Stronger Email Deliverability
Mailgun Team• 5 min read- Email DIY
Become an Email Pro With Our Templates API
Sergey Chekluev• 8 min read- Best Practices
Google Postmaster Tools: Understanding Sender Reputation
Cameron Henry• 8 min read- Quick tips
Navigating Your Career as a Woman in Tech
Celeste Rance• 13 min read- Guides
Implementing Dmarc – A Step-by-Step Guide
Phil Adams• 11 min read- Best Practices
Email Bounces: What To Do About Them
Mailgun Team• 7 min read- What's new
Announcing InboxReady: The deliverability suite you need to hit the inbox
Mailgun Team• 5 min read- Events
Black History Month in Tech: 7 Visionaries Who Shaped The Future
Ron Davis• 13 min read- Best Practices
How To Create a Successful Triggered Email Program
Beatriz Redondo Tejedor• 11 min read- For devs
Designing HTML Email Templates For Transactional Emails
Mailgun Team• 4 min read
- What's new
InboxReady x Salesforce: The Key to a Stronger Email Deliverability
Mailgun Team• 5 min read- Guides
Implementing Dmarc – A Step-by-Step Guide
Phil Adams• 11 min read- What's new
Announcing InboxReady: The deliverability suite you need to hit the inbox
Mailgun Team• 5 min read- For devs
Designing HTML Email Templates For Transactional Emails
Mailgun Team• 4 min read- Security
Email Security Best Practices: How To Keep Your Email Program Safe
Phil Adams• 13 min read- Security
Mailgun’s Active Defense Against Log4j
Adam Cole• 5 min read- Best Practices
Email Blasts: The Dos And Many Don’ts Of Mass Email Sending
Mailgun Team• 8 min read- Quick tips
Email's Best of 2021
Kate Nowrouzi• 5 min read- For devs
5 Ideas For Better Developer-Designer Collaboration
Nicki Snyder• 10 min read- What's new
Mailgun Joins Sinch: The Future of Customer Communications Is Here
Mailgun Team• 4 min read
Always be in the know and grab free email resources!
No spam, ever. Only musings and writings from the Mailgun team.
By sending this form, I agree that Mailgun may contact me and process my data in accordance with its Privacy Policy.
sign up
It's easy to get started. And it's free.
See what you can accomplish with the world's best email delivery platform.