As we all get used to our new normal of remote working, businesses are relying more than ever on email to stay connected with both colleagues and external partners. Email is the number one channel businesses use to communicate, and with the growth of cloud-based email platforms like Office 365 that offer an easier way to access email and collaborate on files, it’s clear that email is here to stay.
However, cyber-criminals are taking advantage of the security gaps within email platforms to exploit users and threaten businesses. According to the Verizon Data Breach Report, 90% of data breaches start with a malicious email, as attackers can use emails to distribute sophisticated phishing attacks and harmful malware such as ransomware. For this reason, it’s critical that managed service providers (MSPs) are aware of the risks surrounding email and understand the solutions available. To find out more about the risks from the email channel and how MSPs can protect their clients against them, Expert Insights spoke to Gill Langston, Head Security Nerd at security provider SolarWinds.
SolarWinds was founded in 1999, beginning as a provider of IT operations, management, performance monitoring and database management services. They then moved into security focussed solutions, offering their services primarily to the MSP market after their acquisition of Enable Technologies. They now offer a wide range of security services to MSPs, including email security (SolarWinds Mail Assure), RMM and a channel-focussed password management service.
Langston has worked in cybersecurity solutions since entering the IT industry, working with a number of small and midsized organizations, MSPs and large enterprises, to help them to secure their networks from cyber-threats. At SolarWinds, Langston works with MSPs to help promote cybersecurity best practices, working on training boot camps and webinars.
Email Threats Are A Major Security Risk; It’s Not Just Spam Anymore
The cybersecurity risks from email have increased massively in the past few years. Langston says that when he first started working in cybersecurity, the major threat that was associated with email was spam, with the occasional malicious attachment popping up every now and then.
Most problems with email security have traditionally been seen as simply an “annoyance” Langston says, rather than a genuinely harmful cybersecurity threat that can put users and whole businesses at risk.
Today, the email threat landscape has changed completely. Malicious cyber-criminals are now using the email channel to distribute huge amounts of highly damaging malware, sophisticated phishing attacks and malicious attachments, often including ransomware.
Attackers are now looking to impersonate users and gain access to “move laterally within a network,” he says. These business email compromise attacks can be highly damaging, as attackers look to gain access to email accounts and use them to send out fake invoices, compromise sensitive data, or deploying ransomware.
“Email has today become the gateway for attacks,” Langston says. “It’s the first step in a multi-stage attack for threat actors, because no matter how complex your organization and security processes are, you’re still going to be relying on email on get your job done.”
What Are The Challenges To MSPs From Email?
The biggest challenge for MSPs when it comes to email threats is that their end clients often are not aware of the threats that can come from the email channel, Langston says. “Many organizations have really no understanding of this risk, and the need for multi-layered email security solutions. So, they push back against the MSP,” he says.
SolarWinds MSP aims to combat this issue with boot camps and events arming MSPs with the know-how and skills to help educate prospects and customers about how serious cybersecurity threats can be and deliver security processes. This includes making sure they understand not just the harm an attack can do, but also the threats to company reputation when data is lost or leaked.
The second major challenge is that MSPs are extremely busy, with huge time pressures. “The MSP essentially has the job of being the IT department for multiple organizations,” Langston says. This means it can be difficult for MSPs to be able to research and find the right solutions, with packages that meet their clients goals, and their own. It also means it’s extremely difficult for MSPs to keep up with a quickly changing threat landscape, while also dealing with day-to-day client issues.
Another problem facing MSPs is that they are increasingly becoming much more of a cyber-crime target themselves. In 2019, 74% of MSPs reported being the victim of a cyber-attack, and in June the US Secret Service released an alert for MSPs to be aware of increased cyber-attacks that specifically target the service provider community.
“We hear almost weekly about managed server providers essentially becoming part of a supply chain attack,” Langston says. “The access to the managed service provider gives the bad actor access to multiple other organizations, the MSPs’ clients, which is going to increase their probability of getting paid.”
A lot of the time, these attacks start with a well-crafted phishing email, which leads to an unfortunate end user accidentally logging into a phishing website or accidentally handing their credentials to a malicious actor. This is a major concern for the MSP community, Langston says, which highlights the importance of implementing email security best practices and ensuring that MSPs have strong email security processes in place.
What Are the Most Important Email Security Features for MSPs?
Email protection is one of the core components that MSPs need to offer to their customers, Langston says. Email is often the first way in for many advanced cyber-attacks over the internet, and so having an inbound cloud-based email filtering service to block malicious emails is hugely important to keeping your clients secure.
Many service providers are moving to cloud-based IT services and, with the increase in popularity of cloud-based email suites like Office 365 and Google Workspace (formerly G Suite), cloud-based email security systems are the best option for MSPs, Langston says. “Having a cloud-based platform means you don’t have to manage any addresses, you can have multiple customers in one console, and you can manage everything from one place,” he says.
Customizability is another important feature in a strong email security platform. MSPs need the ability to configure blanket settings for their clients, Langston says. But it’s also key that end users can fine tune the service themselves, configuring filtering rules and being able to quarantine emails within outlook.
It’s also important that MSPs find a solution with multi-layered threat protection, which goes beyond just spam filtering, but can protect against the sophisticated email threats that are facing organizations today. A strong solution should support delivery technologies like DMARC, SPF and DKIM, Langston says. These systems help to validate legitimate email senders and protect against domain and brand spoofing. Utilizing new technologies such as machine learning is also important, he adds, helping to protect against advanced phishing attacks by heuristically scanning inbound and outbound email.
How You Can Find The Right Email Security Solution
Langston advises all organizations that are struggling with email security threats to evaluate the current email security systems they have in place and identify areas that are working and not working. This, as well as taking advantage of the wealth of training materials that can be offered, can be a good step in identifying weaknesses that can be overcome simply.
Langston advices MSPs that are looking for a security solution they can use to protect their end clients to consider SolarWinds Mail Assure. “Mail Assure is cloud-based, has a very high 99.999% threat block rate and it’s really easy to configure,” he says. “As more organizations are moving to Office 365, we’ve also recently added modules that allow users to easily integrate with Office 365. Mail Assure pulls in all of your users without the need to configure mailboxes, and it sets up threat protection policies automatically.”
Thanks to Gill Langston for participating in this interview. You can find out more about SolarWinds Mail Assure by visiting their website, or by reading our review of the service.