In recent years there has been a big shift for businesses in terms of email networks and email security.
The emergence of cloud technologies has seen many businesses move from on-premise email servers like Exchange to new cloud based technologies like Office 365.
This has mirrored the rise of more sophisticated email attacks, with social engineering attacks like phishing, and business email compromise, becoming more common. This has meant that email security has needed to evolve.
What Is A Secure Email Gateway?
When email was hosted on-premise, the most common type of email security for businesses of all sizes was a Secure Email Gateway. This would’ve been a physical appliance or hosted service that filtered emails before they entered a network, blocking spam and viruses. They provided protection from email threats.
Vendors such as such as Proofpoint, Mimecast and Barracuda offer Secure Email Gateways today that protect both cloud based and on-premise email servers.
Are they good enough for emerging email threats?
Many people are arguing that using Secure Email Gateways to
try and protect businesses from cloud based email threats such as phishing and
business email compromise, will just not cut it.
John Randall, VP of Product Management at security vendor Edgewave, wrote in a recent blog post that Secure Email Gateways were ‘decades-old technology…designed to stop high volume spam and phishing campaigns.’ He argues that they are just not equipped to deal with new email threats like targeted phishing attacks and business email compromise.
This is a sentiment echoed by other security vendors such as
Avanan. They argue that because Secure Email Gateways don’t scan emails within
the email network they miss advanced threats that pass through their spam
It’s also easy for hackers to see which Secure Email Gateway
a business is using, potentially allowing them to more easily bypassing it.
All of these limitations suggest that a new technology is needed to secure email communications. A potential candidate for this is Post-Delivery Protection.
What is Post-Delivery Protection?
Put simply, Post-Delivery Protection is a method of securing emails within the email network. They are fine-tuned to stopping advanced email threats like phishing and business email compromise attacks.
They are often powered by machine learning systems or
artificial intelligence algorithms that integrate at the platform level. This
allows them to monitor all incoming and outgoing email communications within a
network. They scan these messages for potential security threats, identifying
spear-phishing attempts and other social engineering style-attacks.
These platforms can effectively help to improve the overall security of an organiation. They effectively help to block phishing attacks and are completely automated, running in the background to save IT departments time and resources.
So is Post-Delivery Protection better than a Secure Email Gateway?
Secure Email Gateways are still an important aspect of email
security. It’s important to note that many do offer phishing protection at the
email gateway. Many Secure Email Gateway providers such as Fortinet and
Proofpoint do not offer post-delivery protection, but have adapted their email
gateways to adapt to emerging email threats.
Fortinet use machine learning algorithms, sandboxing and
predicative analytics to help filter advanced email threats at the gateway.
Proofpoint offer an ‘Advanced
Threat Defense’ module which uses sandboxing, DMARC authentication and display
name spoofing to protect businesses from ransomware, malware and credential
Secure Email Gateways also offer some other advantages over Post-Delivery protection. For example they are designed to stop bulk amounts of spam and phishing campaigns from reaching inboxes.
While Post-Delivery systems offer strong protection from targeted attacks, they are not as secure against large scale attacks, where it’s likely that a few malicious emails will reach the email inbox.
What Email Security Platform should you be using?
There are advantages to both Secure Email Gateways and
Post-Delivery Protection. The type of security you choose will largely depend
on what type of business you are, and what type of threat you face.
Many small businesses will be secure with a Secure Email
Gateway that has technology to stop phishing approach. However, businesses who
have been targeted by phishing attacks may find they need Post-Delivery
Protection alongside more traditional email filtering.
As I previously mentioned, Office 365 does have an inbuilt
Secure Email Gateway. Many will find it does not block many email threats,
however. Some Post-Delivery platforms such as Agari, argue that in fact the
inbuilt Secure Email Gateway is fine to use for basic spam. They suggest you
supplement this platform with their more advanced threat protection suite, for
multi-layered email security.
A multi-layered security approach with both a Secure Email
Gateway and Post-Delivery protection is what many vendors see at the moment as
the best way to protect an email network.
Vendors such as Barracuda and Ironscales offer both a Secure
Email Gateway and a Post-Delivery Protection platform that integrate to protect
the network both at the gateway and internally.
In the future, Post-Delivery Protection platforms may develop to the point where they can become a unified platform for protecting all email threats.
But at the moment a multi-layered security approach may be the best way for a business to secure its email network.