With an increasingly difficult email threat landscape, and many security services available to mitigate threats, it is sometimes important to focus on a few simple resolutions in order to successfully implement an email security solution in an organization.
1. DO decide carefully between a cloud service or an on-premises server.
Both cloud services and on-premises servers have advantages and disadvantages; ultimately, it comes down to the infrastructure management and control an organization wants to (and must) have.
Cloud services have come a long way in security. Study the system, understand its resilience to system and network failures, and understand its security capabilities. After considering these factors, make a decision. Usually, only organizations that handle very strict compliance, legal, and security issues (such as banks or political affiliates) should consider an in-house system.
2. DON’T think your email server provider is a security expert.
Servers and cloud services such as Microsoft Exchange or Google’s Gmail are very good at managing users, messages, and accounts (as well as storage or calendar functions). Their focus is email management that fits all organizations’ users, so their offerings need to be very simple and flexible.
On the other hand, cybersecurity is focused simply on controlling all email traffic, both inbound and outbound, from a single perspective. Its sole consideration is, “Is it harmful for users?” Cybersecurity models require advanced security modules (such as antivirus or data leak protection mechanisms) and live analysis and updates to detect the constant daily influx of new threats.
Plus, it is always good policy to manage security so that it is independent of business productivity as much as possible.
3. DO care about real-time interception of bad emails.
The email threat landscape changes daily. New strains of malware and phishing emails, growing in sophistication, will target your company consistently. After some time, it is probable that the signatures for company emails have been discovered and distributed via antivirus or threat intelligence providers. Make sure your solution is prepared with real-time threat intelligence that can immediately synchronize and filter new information on threats (fingerprints, compromised systems, reputation).
4. DON’T treat all your email users the same.
Inside an organization, some employees may be more vulnerable than others. First and foremost, some users are more tech savvy and will “behave better” (e.g., they don’t sign up for mailing lists). There are other reasons as well: C-level and financial executives are more likely to be exposed to spear phishing, just as Marketing is more exposed to advertising-related content and spam.
On the data protection side, companies must prepare differently with regard to data leak and data loss. Some users hold important data; however, some users are unaware of corporate policies and compliance rules. This means that an organization needs to configure email security differently depending on the user or on the organizational unit. From the outbound quota to quarantine management and the ability to whitelist, the email security system must be prepared for true multi-tenant administration.
The paragraphs above are meant to offer insight into decisions, insufficient or effective, when implementing effective email security in your organization. The email threat landscape has a strong impact on all organizations, and suitable responses are required from all of them.
Author: Rui Serra
With degrees in Computer Engineering and Marketing, Rui started his career managing training documentation for IT Training and consulting firms. He then joined Nokia Siemens Networks as a Documentation Specialist and Project Scrum Master before joining AnubisNetworks in 2009, where he has advanced from managing documentation to Product Manager for the growing Product Portfolio.