Email communication is what drives higher education forward. It’s a point of communication between faculty, staff, and students, how socials and clubs get organized, and is overall a vital learning tool. It’s also, unfortunately, a dense network of attack vectors that threat actors are itching to take advantage of.
When it comes to finding a robust, advanced email security solution, universities and colleges need somewhat of a more nuanced approach that is successful in reaching endpoints – and has to contend with the fact that delivering security awareness training to every single person connected to the network is not only difficult, but time-consuming and costly.
The email security needs of high education institutions differ from that of high schools and middle schools. Connections are being made outside of the network, and solutions must be highly scalable as tens of thousands of students, faculty, and staff connect to the network with potentially more than one device. The solution must be able to extend to endpoints outside of the centralized data center and it needs to be able to handle a large number of users. It also requires strong filtering capabilities and customization policies.
We ran an MX report on the domains of most universities in the USA and UK to find which vendors were used the most, which we’ve listed below. It is worth noting that the majority of these solutions are cloud-based, with a few exceptions. When running the MX report, it did not display any on-prem solutions universities and colleges might be using.
We looked at what email security is used by universities based on reviewing their MX records.
The Email Protection Suite from Proofpoint is a stronger contender on this list. Suited for enterprise-level organizations with thousands of users, it’s a manageable option that comes with multiple deployment options, such as on-prem, virtual machine, and SaaS yet not compromising on flexibility.
Robust filtering capabilities prevent the majority of threats from reaching users’ inboxes. Custom filtering is also available. While analyzing the dashboard, admins can filter out threats by type. Any unwanted mail can be automatically blocked, such as phishing emails, emails with attached malware, spam, and mail that contains adult content, making it appropriate for higher education institutions.
Business email compromise (BEC) is an alarming threat, in that there’s often no malicious payload to detect, meaning that these emails often slip past SEGs and into end-users’ inboxes. Proofpoint implements advanced BEC defense measures with an AI, machine-learning detection tool that can analyze email content for anything that may indicate a BEC attack. For instance, it can detect whether the email is impersonating someone else in the network, analyze header data and IP address, and scan the actual email content to scan for particular words and phrases and if there’s any urgency.
Pricing is supplied via a quotation request.
Barracuda is a company that specializes in network and cybersecurity. Their email security solution is Barracuda Email Protection, a comprehensive stack that offers protection from spear phishing, malware, spam, domain impersonation, account takeover, data exfiltration, and more. It aims to offer protection from social engineering-based tactics, which is often tricky to safeguard against as they don’t contain any technical giveaways that can be picked up by secure email gateways.
Their solution combines web security, API-based inbox defense, and email-gateway defense to provide near-impenetrable email security. This combination of measures allows for protection against risks that email gateways alone can’t defend, such as threats from compromised internal accounts by blocking these risks immediately.
Strong back-up capabilities mean that if data and information is lost during a breach, faculty, staff, and students can get anything lost back, providing peace of mind. Other features include Advanced Threat Protection, which scans attachments for malware, spam filtering, outbound email filtering, and can prevent DDoS attacks through the software’s cloud-based deployment.
Barracuda Email Protection comes in three plans: Advanced, Premium, and Premium Plus. Pricing is supplied via a quotation request.
Fortinet’s email security solution, FortiMail, is a cloud-based, SaaS solution that can be deployed on all email environments, including on-prem, cloud, and hybrid. Admin teams can deploy and manage the solution themselves or pay extra for Fortinet to manage the solution for them – a handy option for already busy IT teams. It has a variety of operating modes, making it integratable with most email providers, including API support for integration with Microsoft 365.
It’s an effective solution that can manage a high number of end-users without compromising on transparency for admins. IT staff are provided access to a real-time dashboard with strong reporting features and highly customizable controls and mail-handling capabilities, not only giving full visibility but also total control when it comes to responding to threats.
FortiMail can detect and block most forms of email threats, including impersonated and spoofed emails, spam, and more through strong filtering capabilities. It can detect any issues based on IP, domain, sender ID, DMARC, DKIM, and any location restriction configured by admins.
FortiMail has three plans: Base Bundle, Enterprise Advanced Threat Protection Bundle, and Enterprise ATP with Microsoft 365 API Support Bundle. Pricing is supplied via a quotation request.
One of the younger vendors on this list, Ironscales is an API-deployed email security software solution that is seamlessly integratable with Office 365, G-Suite, and Exchange. It is easy to implement, manage, and configure.
Ironscales is an AI-driven, self-learning platform that analyzes user behavior and language to detect potential threats such as account takeover. It can detect and prevent advanced email threats such as BEC, ATO, and any social engineering-based threats.
Alongside having a full view into the platform from a single console, admins receive real-time notifications of any problems that arise, allowing them to respond to potential threats as quickly as they appear. End-users can also flag in their inbox if they believe an email is a phishing attempt. Once an email has been confirmed as a phishing attack, admins can have this email removed from all other inboxes in the network that have received it, offering a much faster solution than sending out a warning to recipients.
Ironscales offers two plans, Email Protect and Complete Protect. Email Protect is $6 per mailbox, per month, whereas pricing for Complete Protect is $8.33 per mailbox, per month. A free Starter is currently unavailable.
Mimecast is a large global retailer specializing in highly scalable security solutions. Their email security software offers protection within the email network, your organization’s network perimeter, and beyond this perimeter, making it an attractive solution for universities and colleges.
Strict controls at the email perimeter make sure nothing malicious can bring any harm. Email inspection blocks any threats by filtering out emails with malicious URLs or attachments. URLs will be inspected once more when a user clicks on them, removing any threats that turn malicious after email delivery. Any suspicious URLs that are opened are done so in browser isolation mode, protecting the user’s web session and preventing any data and info harvestation. Downloads can also be completed away from the network.
Admin teams have a single console that provides far-reaching and in-depth sight into user behavior, helping admins notice any users that may need guidance and training. This console also allows for quick, effective response to potential threats and breaches as they emerge. Sandboxing protocols help block zero-day threats and strong email-filtering protocols can flag emails that have been spoofed or contain signs of social engineering.
Mimecast’s Email Security software’s pricing is supplied via a quotation request.
What Is Email Security?
Email security refers to the multiple tools and processes that are onboarded in order to safeguard and protect email accounts, email communications and content, and data from being compromised, stolen, lost, or inappropriately accessed. Email security is put in place to help defend against common, recurring, and–often–devastating email-borne attacks such as phishing attacks, malware, ransomware, and spam. Email-based attacks are often so successful due to their prevalence, sophistication, and ability to easily access other accounts and devices if successful. Email-based attacks tend to rely on the concept of human error in order to be successful, meaning that there will always be at least one user who will fall prey to an email-based attack due to human error or lack of judgment.
How Does An Email Security Solution Work?
Email solutions tend to differ in what they can offer and how they operate. Secure email gateways (SEGs) will filter and block emails before they reach the server, post-delivery protection tools will operate directly in the email server, and isolation-based approaches will isolate email threats entirely away from endpoints. All three offer something slightly different, meaning that each is more effective at blocking certain attacks than the other. In any case, deploying a mix of two or more approaches can offer more comprehensive protection.
What Benefits Can Email Security Bring?
With a layered, comprehensive approach, emails security solutions can offer:
- Malware and ransomware protection
- Spear and BEC phishing protection
- Email content filtering
- Credential theft prevention
- Data exfiltration
- Web threat isolation
- Phishing protection
- Spam filtering
- Data encryption
Email is often the number one route an attack will leverage in order to instigate an attack on a network. Email security services can help to ensure that your email accounts and network remain protected.
