Is your email safe?
Adrien Gendre
—February 21, 2018
—2 min read
Email is one of the most common forms of business communication today. And we often take for granted that it is a secure form of communication. After all, email services provide security for their email services.
Yet how can you be sure the email security provided is enough? Is your email safe?
Why email protection is a real specialty
As we’ve seen time and again, trusting the security of any technology service offered by a third-party can lead to security breaches. This is especially true with email, since the most common IT security threat used by hackers today are emails. An estimated 75 percent of identified, impactful threats were initially entered via email attachments and 46 percent of attacks were executed by users clicking web links in email, according to the SANS Cyber Security survey. Emails can carry ransomware, attachment-based malware, URL-based threats, impostor-driven schemes like business email compromise (BEC) and spear phishing attacks.
Why email protection needs to have layers
Even a paid product like Microsoft Office 365 -- which includes Microsoft Exchange Online Protection (EOP) -- does not always fully protect organizations. While it does offer a solid first line of defense against security threats, it isn’t a comprehensive security solution that can adequately protect from polymorphic threats and zero-day attacks, due to its technical limitations.
Microsoft is not a company that specializes in email security and protection. Hackers are more agile than ever, changing their attacks and techniques constantly in order to bypass traditional email protection measures.
Download the Office 365 email protection white paper
Since built in security isn’t quite enough, it’s important not to replace it entirely, but to compliment it with additional security layers, in order to block new and evolving attacks. The goal of third-party email security products is to fill in security gaps between existing cloud email systems and incumbent SEGs, in order to create a catch rate closer to 99.9999 percent, rather than 99.9 percent.
The following are some of the key best practices for securing your email, as outlined by Gartner:
Use Multiple Antivirus Engines
To increase detection and prevention rates, use a diverse array of antivirus engines that scan email content. You can use one antivirus engine at the email gateway and another for your endpoint systems. Ideally, the email gateway should support the use of multiple engines.
Consider SEGs
Review and consider secure email gateways (SEGs) that can guard against both URL links and attachments with active content that cannot be blocked by policy (such as PDF and Microsoft Office file types). Strip out or quarantine all executable content from email attachments, and ensure that all email content types and attachments are being evaluated for malware.
Mobile Security
Recognize that all mobile devices must be addressed with endpoint security technologies, mobile device security, and secure Web and email gateway services because their network traffic does not pass efficiently through legacy network defenses (backhauling traffic often creates greater latency).
How good email protection is structured
Whenever there is a security vulnerability, no matter how small, hackers are likely going to find it and exploit it. When considering a layered email security approach, it’s important to find a solution that provides:
- Initial Filtering: Emails should be analyzed for known phishing and malware signatures, including executable files. This quickly weeds out all spam and mass attacks.
- Anti-Malware: It should read the code embedded not just in executable files but in Office documents, PDFs, and more.
- URL Sandboxing: All URLs should be examined to be sure they do not link to malware, phishing sites, or any other malevolent site. This is done whenever the URL is clicked on… thus avoiding time-bombed URLs.
- Artificial Intelligence: Any remaining messages should be analyzed for unknown malware and phishing tactics to prevent spear phishing and zero-day attacks that would otherwise get through the filters.
- Human Intelligence: It’s important to have a global threat intelligence center with email security experts who are up to date with the latest security threats.