Email is one of the largest communication methods available, so it is
no wonder it’s among the favorite attack vectors to target. Organizations rely
on email to keep their businesses running, but very few place the importance on
properly securing it. Email security refers to the collective measures used to
secure the access and content of an email account or service and data from
hackers – at rest and in transit. The solutions submitted this month use multiple
techniques from encryption to advanced threat protections to weed out dangerous
emails.According to multiple studies, one of the primary sources for the
spread of malware – responsible for large numbers of network intrusions – is
email through malicious attachments or users clicking on links contained in the
email body. The products highlighted in this month’s review provide protections
across many phases of an attack. Some tools provide filtering to catch
malicious payload prior to it hitting a user’s inbox while others offer
disaster recovery options.While there is no silver bullet in the security space, allocating the
resources to protect your email system will trim the “low hanging fruit” and
protect your users from themselves.Group test discussion
This
month the SC Labs team looked at a variety of email security solutions designed
to protect on premise exchange servers, Office365 Exchange Online and G-Suite
Gmail for business solutions. Since this was the first time in a while the SC
Labs team looked at this category, we sat down with each vendor’s technical
team to gain a greater understanding of the problems each solution solved and
the features separated them from the pack.In years
past, the focus was on spam protection and email encryption. These tools have
evolved as the threat landscape has changed and continue to add features,
creating more of a product suite.One item
that really stood out to the SC Labs team was how easily these tools integrated
with the major cloud platforms. Previously, most of the solutions targeted
on-premises exchange servers and the online protections were very limited. With
the industry shift to the cloud, it’s refreshing that this space can keep pace
and continue to protect inboxes wherever they may reside.Ranking
high on our list was the ability to protect users from malicious attachments
and web links, which often slips through the cracks of the built-in
protections. A few tools will allow you to track user activity and provide
follow up training for users who tried to access these malicious objects. Not
only does this help organizations track down problem users, it also improves
security awareness content.Another
attractive feature available in most of the enterprise tools evaluated was the
ability to protect users from internal threats. While this may not seem like a
“must have” feature, a compromised user account often will try to spread to
other internal users. Studies show that users often will almost completely
trust emails from internal sources so spreading malicious content this way can
be both successful and devastating. By protecting internal communications,
companies can better contain further contamination.While
there is no one-stop-shop or magic solution, protecting inboxes will go a long
way safeguarding an organization from the great unknown of end user behavior.
Once a malicious payload arrives inside a mailbox on an endpoint, organizations
rely on your next layers of protection catching the threat and the behavior of
the userbase to report and help prevent the spread of the email. The tools that
offer phishing and end user training help reinforce these principles and allow
you to use real world examples.Pick of the Litter Scrutinizing several innovative cloud-based email security options this month, we were pleased with the advancements that have been made to mitigate email-borne threats. EdgeWave impressed us with its versatile and intuitive ePrism platform. We found that the solution addressed every major feature of this category while maintaining its cost-effectiveness, which is why we are making Edgewave ePrism our SC Labs “Best Buy” award-winner. Symantec’s Email Security.cloud was packed full of useful and innovative features, including several we were not expecting. The incorporation of threat visibility and response, as well as embedded security awareness training, enhanced the platforms capabilities. Considering the additional tools and options available within a broader Symantec portfolio, it’s no mystery why we selected it as our SC Labs “Recommended” award-winner. -- Pick of the litter written by Matthew McMurray To read all the reviews:Barracuda Total Email Protection BitDam ATP for Email EdgeWave EdgeWave ePrism IRONSCALES Mimecast Secure Email Gateway SonicWall Hosted Email Security Sophos Email Advanced Symantec Email Security.cloud Vade Secure for Office 365 ZixProtect
