man-at-pc-working
|

Shared mailboxes are insecure for business use

There has been a significant increase in hacks and hack attempts on web servers during the lockdown period, and the focus has therefore been very much on security across all sectors, as we also see the increase in phishing and malware. This brings to mind the fact that many businesses are still using their shared hosting platforms for both their website and their emails, which is a high risk.

 

What are the risks associated with a shared hosting environment for emails?

 

1. If one goes down, it all goes down

No matter who you’re hosting with, every business has at some stage experienced downtime on their website due to their provider doing maintenance or due to unexpected network errors. These downtimes can be anything from a few minutes to a few hours.

When the hosting environment where your website is hosted goes down, if your emails are on the same server, your emails are going down too because they share the same environment.

 

2. SPAM Filtering can block you if your hosting neighbours are following bad practices

With shared hosting, you are sharing an IP address with multiple other companies hosting on the same environment. What this means is that if one of those neighbours sharing an environment with you is sending out illicit emails or hosting illegal content, the internet SPAM filters can blacklist the IP address for your server which will cause your emails to go directly into your recipients SPAM mailbox, possibly never to be seen.

 

3. When migrating hosts, your data migration becomes a headache

Migrating a website can already be a massive headache if you’re moving from one service provider to another, but if you have to move your emails as well, this is a double whammy, as it requires you to do local backups of your emails to a PST so that you can move all historical mail data to the new service provider.

When moving emails from a POP/IMAP server, there is no easy way to go about it, and you can expect there to be some downtime at least, even if just for a few minutes while you migrate or otherwise while you await DNS details to propagate.

 

4. If they’ve hacked into your website, they have full access to your emails to be able to send emails, create new mailboxes and receive emails (for all your users)

When hackers get access to your shared hosting environment, they are able to manipulate the entire server and all your files, this includes being able to create new email addresses, delete email addresses and send and receive emails. Often, hackers will use your email addresses or newly created ones on your domain in order to perform phishing scams and other email scams across the web, which again poses a risk of your domain or IP being blocked by SPAM filters or alternatively, giving your organisation a bad name.

It’s not only reputation you have to worry about but, if you’re running an IMAP email, you run the risk of losing all your historical mails when these hackers delete mails from your mailbox which inherently deletes the mails from all your devices.

These are only some of the risks associated with hosting your emails on a shared hosting environment, and there are many more risks. 

Our suggestion is to separate your emails, by hosting your emails with a secure email provider such as Microsoft 365 or Google Workplace, as both of these providers have an easy setup and specialise in emails, meaning they have all the necessary basic security for a secure email platform.