Forrester’s 2021 Wave evaluation states – “secure email gateways are slowly becoming dinosaurs!”
Some of you might agree, some of you may think that’s a bold statement. So, let’s consider two fundamental developments in the use of technology.
- An ever-increasing move to cloud environments and services
- The explosion of remote workers using collaboration & messaging applications for instant communication with their colleagues.
We are seeing organisations increasingly turn to the native security capabilities of cloud email providers like Google and Microsoft. Businesses are also leveraging cloud-native API-enabled email security solutions which operate beyond the inbox and protect communications within other messaging applications
Cloud-native API-enabled email security (CAPES) should extend protection to cover your remote workers’ daily apps, Teams, Slack, Dropbox, Box etc
Your CAPE should
- add an additional layer to the default security layers in Office 365 and Gmail (not disable them)
- scan email after default layers, but before the inbox, which allows AI and ML to detect attacks that may have been missed
- protect email in all directions (internal, external, outgoing), providing complete protection against all threats, including insider ones
- use AI to continuously learn and improve from every end-user interaction and email
- constantly auto correct to remove false positives
- automatically learn and discover an organisation’s supply chain to prevent malicious files and messages from compromised vendors from appearing in the inbox
- detect abnormal behaviour or actions, including compromised accounts
- avoid changing MX records, keeping your security solution invisible to hackers
SPF and DKIM authentication are the most basic checks which validates that an email from “ABC.com” actually came from “ABC.com”. When you change your MX record and send it through an SEG, all email is sent from the SEG IP address and fails both of these fundamental checks. So, to prevent Microsoft from rejecting every email sent by the gateway, you put the SEG servers on a list of “Trusted Servers”. This transport rule effectively bypasses Microsoft’s own protection. If the SEG misses a malicious email, Microsoft’s own security will never see it. Try explaining that to a business leader in the middle of a cyber incident!
Contact us for more information: Moore Technology’s Mail Protector critical email protection, DLP and Post Delivery protection (powered by Avanan).