Email has been a dominant communication medium for decades – today’s SMTP was born in 1981 and over the next three years a projected 375Bn emails are expected to be sent every day. Unfortunately, its ubiquity has made it a prime target for cyber criminals. In fact, 94% of malware is delivered via email. With businesses now moving away from on-prem email servers to cloud-based platforms like Microsoft 365 and Google Workspace, securing email in the cloud is more important than ever. This article explores the different framework options for modern email security: Native, SEG, and ICES.
Native Security
Native email security controls are included in productivity platforms like Microsoft 365 and Google Workspace, making them a convenient option for organisations seeking to consolidate vendors.
Gartner states that 75% of enterprises are adopting a vendor consolidation strategy, so using native security platform, such as often underutilised E3/E5 with Microsoft 365, makes sense. These controls often include blocking known bad senders/domains, AV scanning of attachments, and analysing/identifying SPAM.
Advantages of native security:
Disadvantages of native security:
Integrated Cloud Email Security (ICES)
Gartner classifies email security solutions that use an API (for example Microsoft GraphAPI) to analyse messages instead of a cloud-based gateway as ICES. ICES work alongside native functionality, enhancing security by adding techniques such as anomaly detection, natural language processing, and other ML-based approaches to detect risks and account compromises. This approach can effectively detect spear phishing, social engineering, and business email compromise attacks.
Advantages of Integrated Cloud Email Security:
Disadvantages of Integrated Cloud Email Security:
Secure Email Gateway (SEG)
The cloud gateway is the tried-and-tested method of intercepting and scanning email traffic inline before it hits the user’s inbox. By modifying the DNS MX (mail exchange) record emails are routed via the vendors gateway for analysis and sanitisation. Most SEGs employ a Message Transfer Agent (MTA) architecture that relays traffic through multiple layers of security before it is delivered to the mailbox. As email is not real-time communication, the resulting delivery delay of up to a few minutes is acceptable.
Advantages of Secure Email Gateway:
Disadvantages of Secure Email Gateway:
What is the best type of email security?
Our ethos at Censornet is to encapsulate the best of both worlds, with a SEG to secure emails inline before they hit the user’s inbox, and ICES API-triggered security to enable features such as post-delivery deletion and internal mail protection.
Although Email is the primary threat vector (91% of all cyber-attacks begin with a phishing email), around 2/3rds of incidents are cross-channel or multi-stage attacks. This means that the attack chain can move quickly to the web via a malicious URL, or deliver a malware payload via a cloud file sharing service for example. In these scenarios having even the most sophisticated security on the incoming medium is not enough. You need to be able to share threat intel in real-time across the entire attack surface. Only then can you protect not only against malicious outsider, but also the threat (be it accidental or malicious) from the company insiders, e.g. posting a file to a public SaaS cloud share or transmitting sensitive data outside the organisation.
Censornet’s autonomous integrated cloud security platform does this. Our platform provides modern, sophisticated protection across all attack vectors, delivered in a single pane-of-glass dashboard, thus reducing the operational burden on IT professionals and mitigating risk and potential damage that could be caused by a data breach.
Email security is critical to every organisation. With the rise of cloud-based platforms, securing email in the cloud has become even more important. Native security controls, ICES, and SEGs are all options for securing email, each with its own benefits and challenges. At Censornet, we believe in combining the best of both worlds to offer sophisticated protection across all threat channels.
