Email security is what bloggers like me might call an “evergreen” topic, but not for good reasons. It’s always relevant, unfortunately, because the attacks aren’t stopping. They’re getting more sophisticated by the day. I have a painful hunch that security bloggers will be talking abut email security after I’ve gone to the great WordPress interface in the sky.
What’s impressive, though, is how vendors are constantly adapting to evolving email threats. Issues they’re dealing with include the impact of the cloud on email security along with the increasingly insidious nature of phishing attacks. “Twenty-five percent of malware comes from ‘benign’ websites,” explained George Anderson, Director of Product Marketing at Webroot. He noted, “Gateways and filters alone aren’t good enough to catch attackers who move laterally across the cloud while simultaneously making tainted target URLs look legitimate.”
“Gateways and filters alone aren’t good enough to catch attackers who move laterally across the cloud while simultaneously making tainted target URLs look legitimate.” – George Anderson, Director of Product Marketing at Webroot.
Webroot addresses the phishing threat at the endpoint. This approach makes a great deal of sense now that virtually all information workers are operating out of their homes, often on personal devices. The Webroot endpoint protection solution is able to analyze email senders’ reputation quickly, before the message can affect the endpoint. It can identify, for example, attackers who have compromised a shared OneDrive folder to make the recipient feel as if he or she is communicating with a trusted coworker.
GreatHorn similarly works at mitigating email attacks by getting away from the traditional Secure Email Gateway (SEG) model. “With so many email systems based the cloud, you have to protect email in-situ,” said Kevin O’Brien, GreatHorn’s CEO. The GreatHorn solution uses a cloud API to examine emails before they enter the corporate network.
“With so many email systems based the cloud, you have to protect email in-situ,” said Kevin O’Brien, GreatHorn’s CEO.
One basic benefit of this approach is to remove the single point of failure that can arise with on-premises SEGs. The main advantage, however, is the ability to assess email attacks quickly and apply instant filters that can block the same sender—or stealthy clones—from the entire email system before other recipients can open their malignant messages. “We can remove 10,000 messages from inboxes in a second,” O’Brien said. The solution uses a risk-based method that can identify innocent-looking but harmful email content based on its analysis of over a billion email messages per month.