Cloud Security and Governance – Mind the Security Gap Workloads are migrating to the Cloud with…
Email Gateway Security
ESGs – Even a Cloud First world they are still an essential security layer
With the number of email born threats, Enterprise strength Email Filtering via gateway solutions is considered almost necessary in today’s ever changing environment. Email provides an easy and mass market approach to delivering opportunistic attacks. It also provides an easy entry for more targeted and sophisticated attacks against individuals within an organisation.
Email Gateway Security is considered an essential within Secure-ISS’s Defence in Depth security strategy.
What are the essential functions of an ESG?
Essential components within ESG solutions include basic and advanced threat defence and post delivery protection mechanisms. These features include:
- Enterprise strength Email Filtering for Malware and spam;
- Co-operative Spam Checksums
- Signatures and Spam Scoring
- Whitelists and Blacklists
- Real-Time IP Blacklists
- Directory Harvest Attack Prevention
- Real-Time URL Blacklists
- URL to IP Mapping and Blacklists
- URL Categorisation
- Domain Age
- Bayesian Filtering
- Challenge/Response Systems
- Optical Character Recognition (OCR
- Spam tagging
- Quarantining with management for administrator and end userEmail
- DLP Protection
- Web based administration
Cloud Email and ESGs
With some 80% of organisations expected to be on a Cloud based email service by 2021 protection from a third party vendor is critical.
Microsoft O365 inclusions and options
Microsoft Office 365 includes Exchange Online Protection (EOP) with all O365 plans. EOP includes both an anti-spam and signature-based anti-malware service.
Microsoft offers Advanced Threat Protection (ATP) to address advanced attachment and URL-based threats, DLP and email encryption (enabling an organization to monitor, encrypt or block messages based on policy) in some enterprise packages and as stand-alone offerings.
With Microsoft being a generalist technology provider (albeit a very good one!) and not being a specialist security vendor, the protection provided by these offerings may not be sufficient for all organisations.
Although the Cloud based email Services offer a level of protection, often these are basic levels of protection compared to the functionality and flexibility provided by a dedicated solution. Secure-ISS recommends that organisations consider supplementing their O365 or other cloud email services with a dedicated ESG solution.
How can Secure-ISS help?
We can assist secure your business reduce the costs and the associated complexity of your ESG deployments.
Secure-ISS provide a number of consulting and implementation services in relation to ESGs. Including flexible deployment options:
- Into your Cloud
- As a SaaS/ Cloud Delivered solution
Secure-ISS assist businesses of all sizes with fully managed SaaS solution for the smallest of businesses, through to the deployment of 10,000+ mailbox solutions for enterprise and government clients.