The first step to securing an email account is eliminating any threats that currently reside in the system. This is done by checking the access logs for each email account and searching for suspicious activity including unidentified IP addresses/tracing IP addresses.
Throughout diagnosis, each entry on the log will be marked with one of three possible statuses: Check, Okay, or Compromised.
- ‘Check’ indicates that a check is required for the corresponding part of the log. Logs will be re-marked for checking over a fixed timeframe depending on the selected package.
- An ‘Okay’ status is placed on sections of the logs where the integrity and security of the email accounts have been maintained.
- ‘Compromised’ means that a threat has been detected in the email system. This may be in the form of spam, tracking or phishing, or hacker access to the account/s.
In the case of a hack or compromised account, a thorough investigation will be undertaken to determine the cause/source of the breach and fix it as quickly as possible. The threat is eliminated through measures which involve email security tracking, repairing defenses, taking control of and securing compromised emails, files and information, reconfiguring if necessary. After a breach has been fixed the email account is still checked regularly to eliminate other possible threats.