The email security market has changed in several ways in recent years. The number of market competitors has decreased, because staying up to date on the latest threats and attack campaigns requires large intelligence-gathering capabilities. The proliferation of botnets, used to launch 'zombie' attacks and to compromise white-listed domains, created the need for active content filtering and behavioural analysis.
The recent rise of spear phishing (targeted email attacks) has renewed the need for email security systems that protect against the most costly outcomes: user credential compromise and intellectual property theft.
To deal with attachment malware, some solutions can strip active content from a document type, that is, remove Java or macros from PDFs or Office documents, in order to sterilize the malicious content. Deep understanding of document types and the information they contain has also enabled the development of a new technology, adaptive redaction, which allows documents to be modified so that critical information which could cause a data leak is removed.
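The macro-stripping idea described above, sketched for Office Open XML files as an added example (not code from this article or from any vendor's product): the function drops the VBA parts from the ZIP package and removes the references to them. The sample package is constructed, the function and constant names are hypothetical, and the content-type rewrite covers Word documents only.

```python
import io
import re
import zipfile

# Part names that carry VBA code inside an OOXML package.
MACRO_PART = re.compile(r"(^|/)vba(Project|Data|ProjectSignature)\.(bin|xml)$", re.I)
# Content-type and relationship entries that point at those parts.
MACRO_REF = re.compile(r"<(?:Override|Default|Relationship)\b[^>]*vba[^>]*/>", re.I)
DOCM = "application/vnd.ms-word.document.macroEnabled.main+xml"
DOCX = "application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"


def strip_macros(package: bytes) -> tuple[bytes, list[str]]:
    """Return (sanitized package bytes, names of the removed macro parts)."""
    removed, out = [], io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(package)) as src, \
         zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for name in src.namelist():
            if MACRO_PART.search(name):
                removed.append(name)  # drop the macro payload itself
                continue
            body = src.read(name)
            if name == "[Content_Types].xml" or name.endswith(".rels"):
                # Remove dangling references so the document still opens cleanly.
                text = MACRO_REF.sub("", body.decode("utf-8"))
                body = text.replace(DOCM, DOCX).encode("utf-8")
            dst.writestr(name, body)
    return out.getvalue(), removed


def build_sample() -> bytes:
    """Constructed minimal .docm-style package; the macro part is placeholder bytes."""
    rel = ('<Relationships><Relationship Id="rId1" Type="http://schemas.microsoft.com/'
           'office/2006/relationships/vbaProject" Target="vbaProject.bin"/></Relationships>')
    types = ('<Types><Default Extension="bin" ContentType="application/vnd.ms-office.'
             f'vbaProject"/><Override PartName="/word/document.xml" ContentType="{DOCM}"/></Types>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", types)
        z.writestr("word/document.xml", "<w:document>quarterly report</w:document>")
        z.writestr("word/_rels/document.xml.rels", rel)
        z.writestr("word/vbaProject.bin", b"PLACEHOLDER-NOT-REAL-VBA")
    return buf.getvalue()
```

A gateway applying this would log the returned list of removed parts alongside the message ID, so that a stripped attachment can be traced back when a user reports a document that no longer behaves as expected.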
The threat landscape is becoming more advanced as organizations become more reactive and adversaries quicken their pace and become more persistent. Traditional mass attacks and general spam are still a huge concern and nuisance, but they are on the decline. Spear phishing by criminal organizations, hacktivist groups, and state-sponsored groups is becoming a normal attack method, with commodity-style markets selling and reselling these techniques.
How to protect data from email attacks
As the threat landscape becomes more advanced, how can we protect our data from email attacks? Here are two major ways you can protect yourself:
- Service in the Cloud
Email security can be deployed through software-as-a-service (SaaS) or through a managed hosting provider. Many IT managers want to avoid the difficulties related to maintaining a back-end infrastructure for email hygiene and delivery (including servers and storage), and datacentre capabilities (including power and backup capacity).
- On-premises Appliance
Email gateways that organizations manage and configure themselves (the traditional approach). This approach requires an initial investment and ongoing maintenance.
How Cloud-based email security benefits an organization
We recommend the first approach, moving your email to the Cloud, because of the undeniable benefits that come with it. Here are 8 main ways Cloud-based email security can benefit your organization:
- Upfront – block email before reaching the corporate network.
- Scalability – can handle a DDoS attack without large investment. Ability to scale user count up and down, adjusting total cost.
- Less Management – no need for dedicated staff to manage internal email security.
- Cost Savings – a subscription service model avoids large capital expenditure and converts email hygiene to an operational expense.
- Uptime – many providers use multiple redundant sites, giving better uptime and disaster recovery, and queue messages until the messaging platform recovers. Doing this in-house is not cost-efficient.
- Maintenance – web-based applications mean less maintenance and version control issues.
- Strategic Value – outsourced infrastructure enables IT leaders to focus resources on strategic initiatives rather than worrying over keeping email servers running.
- Disaster Recovery – SaaS can act as a disaster recovery layer.
There are minor drawbacks of cloud-based email security such as increased bandwidth requirements, loss of physical control over email, and ongoing per-user costs. However, compared to the benefits you gain from cloud-based email security, the drawbacks are not significant.
Is there any benefit of On-Premises Solutions?
There are two ways the on-premises solution can be beneficial:
- Data privacy and control are the drivers for on-premises appliances.
When you have your email and its gateway in house, it means you retain complete data privacy. Regulatory or compliance issues can make it imperative for an organization to retain complete control over its email communications and its subsequent security. Industries such as banking, healthcare, education, and government may find this preferable.
- On-premises Email Security Can Be Aggregated with other On-premises Defences.
An on-premises appliance can be integrated with other on-premises security systems, giving better visibility and control over your networks and users.
There are major drawbacks of on-premises solutions, which have encouraged many organizations to move to a Cloud-based email security solution:
- On-premises appliances require maintenance in order to ensure their success.
The overall cost of in-house IT servicing end users is significantly more than the cost of implementing cloud-based email security. Therefore, deployment of appliance-based email security is on the decline. Entire email infrastructures are being outsourced, relying on hosted email providers.
- On-premises deployment will need a virtual form factor.
Cloud-averse organizations deploy virtual appliances and run email security in their VMware and Microsoft environments, requiring multiple maintenance points.