Email Security: Everything You Need To Know (FAQs)
What Is A Secure Email Gateway?
A secure email gateway (SEG) is an email security tool that prevents malicious emails from being delivered or sent from your email network. SEGs filter email messages using signature analysis, attachment sandboxing, URL scanning, and machine learning in conjunction with configured admin policies, to remove harmful email content before it reaches corporate mail servers and user inboxes. Suspicious content is either quarantined, deleted, or marked as unsafe.
Secure email gateways are typically cloud-based but can be deployed as an on-premises or hybrid appliance. They are usually deployed through redirecting your DNS MX-records, which directs email messages via the filtering service before they reach user inboxes.
What Are Integrated Cloud Email Security Solutions?
Integrated Cloud Email Security (ICES) Solutions are cloud-native email security tools that can be used alongside (or to replace) a secure email gateway. Unlike SEGs that require you to redirect DNS MX-records, these tools are cloud-native, and can integrate directly into cloud email platforms such as Microsoft 365 and Google Workspace via API.
Not only does this approach have a faster deployment, but it also results in more effective protection against threats inside the email inbox. ICES solutions will use machine learning to scan internal email communications and identify indicators-of-compromise (IOCs), signifying an account has been compromised to send out malicious email messages. Using these tools, suspicious emails can be automatically removed from all user’s inboxes, even after delivery.
Our recommendation is that businesses needing strong email security should consider implementing multi-layered email protection, pairing a gateway with some form of cloud-native inbox-based email security solution.
Why Is Enterprise Email Security Important?
Email continues to be the top threat vector for many times of cyber-crime. 81% of organizations around the world have seen an increase in phishing since 2020, and in 2021 almost 40% of data breaches involved a phishing attack.
Originally, spam was the biggest nuisance that companies faced with email. Ranging from the farcical (far-off Royals promising riches) to the malicious (adult and harmful content sent to mailboxes). Spam was a major headache for IT admins in the early days of the internet and continues to be a problem even now – estimates are that up to 49% of all emails are spam.
SEGs can deal with spam content very effectively – they often use new or low-reputation domains which can be quickly blocked by the email filter. But modern email threats are much more targeted and advanced. Phishing is one of the most common causes of data breach today. They often originate within the email channel and aim to trick users into clicking harmful web links or making fraudulent payments. Advanced malware and ransomware also commonly spread via phishing messages or by compromised email accounts.
Modern email security tools, such as SEGs and Integrated Cloud Email Security solutions, protect against these threats. They use a range of techniques, including attachment sandboxing, URL filtering, domain reputation assessment, and machine learning, to filter email content.
It is important for all organizations to have an effective email security framework in place to protect users, customers, and partners from sophisticated email threats such as spam, malware, phishing, and business email compromise. Email security is also important to ensure and demonstrate compliance with data security regulations.
What Are The Key Features Of Secure Email Gateways?
Email security gateways are designed to act as a shield for your email network, blocking inbound malicious email content from reaching user inboxes, and preventing outbound malicious email content from being delivered. Admins should have the ability to configure policies which govern how this filtering works. They may wish to block emails from certain domains or allow emails from known safe senders.
In addition, email security gateways should provide detailed reporting to help organizations track incoming email threats. Many email gateways also include integrated, complementary email technologies, such as email archiving, encryption and DMARC.
Key features of secure email gateways include:
- Protection against harmful email content across all email platforms (M365, Google Workspace, Exchange On-prem etc)
- Admin policies and controls to govern how the email filter works
- URL filtering
- Attachment sandboxing
- Integrated email security tools, e.g. email archive, email encryption, DMARC
How Do Email Security Tools Work?
Email security tools are designed to protect email accounts, content, attachments, and users against malicious activity, compromise, or breach. This covers a broad range of use cases, including preventing the delivery or sending of malicious email content, such as harmful attachments, ransomware, and phishing mail.
The tools are also responsible for encrypting email messages that contain sensitive data, preventing users from clicking on malicious URLs, providing data leakage protection (DLP), and displaying warning banners on potentially harmful email messages.
How Does A Secure Email Gateway Work?
Before cloud email hosting, the most common form of email security tool was the “secure email gateway (SEG)”, a physical appliance that would sit in front of the email network and monitor incoming and outbound email traffic to remove spam and malware. Today, email security tools are more commonly cloud-based, with organizations redirecting their mail exchange (MX records) to point their email towards a cloud-based SEG.
Many email security gateways use a mixture of email content scanning, domain reputation, URL scanning, and attachment sandboxing to make a deterministic assessment of an incoming email message. If the message is deemed malicious, it is blocked; if it is deemed safe, it is delivered.
These tools work using a variety of techniques including greylisting, real time blacklists (RBL’s), constantly updated spam definitions, pre-defined DLP rules, anti-malware, and sandboxing engines to detect and remediate against malicious email content.
In the era of cloud-based email platforms, such as Microsoft 365 and Google Workspace, a new category of SaaS-based email security tools has emerged. These services, named “integrated cloud email security” (ICES) solutions by Gartner, address cloud-based vulnerabilities, most sophisticated phishing threats that evade the traditional, static controls used by SEG services.
These tools integrate directly into the inbox environment and are deployed either via an API connection or using mail flow rules. These tools can address SEG gaps by scanning the inbox environment directly. This means they can scan internal email which SEG’s traditional have been unable to achieve. They are also able to remove potentially malicious email content from all mailboxes, instantly – even after an email has been delivered.
Top 11 Email Security Gateways: Shortlist FAQs
Why should you trust this Shortlist?
All vendors on this list have been technically reviewed by Expert Insights CEO and Founder, Craig McAlpine. Craig has over 25 years’ experience in the email security industry. In 2003, he founded EPA Cloud, an email security company which was acquired in 2013 by Global (now Ziff Davies Inc).
Craig is an experienced email security innovator and practitioner who has worked in front line email security management, in an MSP environment, as an email security supplier, and vendor in the course of his career. This article was written by Joel Witts, the Content Director at Expert Insights, who has been covering the email security market as a journalist for over 6 years.
The research for the vendors included on this article has included:
- Our own technical reviews and testing of several dozen leading email security and email encryption providers.
- Interviews with over 30+ executives in email security gateway and ICES markets.
- Discussions with 200+ businesses over the course of several years about the most important requirements in an email security and email encryption solution.
- First-hand industry knowledge and expertise over many decades in the email security industry as an entrepreneur and innovator.
We have conducted technical reviews, watched demos, or deployed trials for every vendor on the list. We have also reviewed vendor documentation and third-party user reviews and feedback.
This guide is updated at least every 3-months to review the vendors included and ensure features listed are up to date.
Who is this Shortlist for?
This shortlist is written for businesses looking to implement an email security gateway platform to secure internal and external business communications. While the article focuses on secure email gateways, we are aware phishing protection is a key consideration for many businesses. For this reason, we have also included cloud-based email security solutions deployed via API. While these are not SEGs in the traditional sense of the word, they are relevant for the requirements of many readers, and, indeed, can be seen as the evolution of the SEG.
How was the Shortlist picked?
When considering email encryption solutions, we evaluated providers based on the following criteria.
Features: Based on conversations with vendors, end customers, and our own testing, we prioritized the following key features when testing:
- Natural Language Phishing Detection: Effective use of email content analysis to detect and remediate against phishing emails.
- URL Analysis: Effectiveness of time click URL protection and sandboxing is critical to prevent users visiting malicious web pages.
- Attachment Sandboxing: Robust anti-virus and anti-malware engines to detect and block malicious attachments and ransomware.
- Account Takeover Protection: Machine learning analysis to detect email account takeovers and reduce the risk of business email compromise.
In addition to the above features, we also considered ease of management, the deployment process, additional capabilities, end-user features, and customer support available.
Market Perception: We reviewed each vendor included on the Shortlist to ensure they are reliable, trusted providers in the market. We reviewed their documentation, third-party analyst reports, and (where possible) have interviewed executives directly.
Customer Usage: We use market share as a metric when comparing vendors and aim to represent high market share vendors and challenger brands with innovative capabilities. We have spoken to end-customers, and reviewed customer case studies, testimonials, and end user reviews.
Product Heritage: Finally, we have looked at where a product has come from in the market. We have considered when companies were founded, their leadership team, their mission statements, and their successes. We have also considered product updates and how regularly new features are added. We have ensured all vendors are credible leaders with a solution we would be happy to use ourselves.
Expert Insights have tracked over 50+ email security vendors on the market today. This list is designed to showcase the best solutions for businesses. We have tested and reviewed many email security solutions that have not been included on this list. There is no implied criticism for any solution not included.
For more information on how to choose the best email security solution, read our Email Security Buyers Guide.