Foration Blog

What email security really needs to deliver.

Paul Weeden

Written by Paul Weeden

Founder & Managing Director at Foration. IT and technology fixer.

[fa icon="clock-o"] 9 September 2015 [fa icon="user"] Paul Weeden [fa icon="folder-open'] advice, data security, security

Although they do vary slightly, the statistics around email never fail to amaze me. It is reported that 182.9 billion emails are sent and received every day. With around 7.4bn people on Earth, that equates to around 25 daily emails a day for every person on the planet. It’s no surprise then, that email seems like the logical gateway to exploit and attack technology and businesses.

But what does email security really need to deliver?

  1. Confidentiality

We need to ensure that our emails are secure, and cannot be changed or accessed by any parties wishing to do so. We also need to ensure that no malicious activity can take place and emails are free from risk.

  1. Integrity

We need to ensure that emails and traffic are protected, reliable and are securely received the way they were intended.

  1. Availability

With email being such a vital method of communication, it is crucial that we can send or receive email 24/7 and as such the technology platforms need to deliver always on availability and provide a secure and reliable service.

The Risks

It is reported that more than 317 million pieces of malware or threats were released last year (Source CNN) ensuring any security solutions applied, needs to be adaptive to new threats and activities. Some of the most commons ways to exploit email are:

  1. PhishingEmails

Phishing can be summarised as the sending of malicious emails purporting to be from a reputable sender with the intention of getting the recipient to divulge information. Think of an email from ‘your bank’ asking you to confirm your accounts details, or ‘from’ Facebook asking you to confirm your password. Neither institution will ever ask this. These are Phishing scams.

  1. Email Attachments

Virus come in many forms, some that are harmless, and do no more than replicate and forward themselves to your contacts – the ‘I Love You’ virus in 2004 was a great example.

Other attachments have more sinister intent, and look to destroy files on your computer, or disable it completely! Historically, viruses were executable programs, such as (.exe, .vbs, .zip) but more commonly today they are distributed by common file types like Word, Excel and Adobe documents. Just as we teach children not to accept things from strangers, it is important we only open attachments from trusted sources! But, during the busy working day sometime employees run on autopilot and just click.

  1. Malicious Content

With HTML being the format of many emails, the sneaky folk have been exploiting embedding the viruses in the links and pictures of the email body! This embedded malware can automatically execute and exploit your computer and what sometimes seem like harmless link, can have a major impact!

How can I protect my company?

Whilst threats increase and the clever delivery methods change, so does the intelligence provided by Cybersecurity. Robust platforms like Mimecast, do just this and address the three main requirements mentioned at the start of this blog.

Confidentially can be achieved by having a solution that securely inspects emails, attachments and links to ensure there is no malicious activity BEFORE the message reaches your inbox. Robust constantly updated anti-spam and anti-virus, delivers the most up-to-date threat assessment and fixes, ensuring your email systems are protected. In addition data leak prevention tools help to prevent an unfortunate leak of confidential data, which have made the news on many occasions in the last year.

Integrity ensures the critical data is delivered to its intended recipient and any confidential information remains private. The other key element of integrity is ensuring that this data is protected from accidental or malicious deletion to ensure you meet any regulatory or data retention obligations Should the original communication have to be restored to handle a dispute or investigation you need confidence that this data can be recovered quickly and reliably.

Availability for some can be a challenge, those running a single mail server that dies without any failover/continuity solution, often find themselves unable to communicate or run the business until it’s resolved. Many of the available solutions offer high availability always-on services, with the ability to access from any web browser. In the event of an internal mail server failure, email communications continue to operate after a seamless failover to the mail system.

Email security is one small element of any business’ overall Cybersecurity strategy, and we but hope this blog can get you thinking about the threats and risks you face both at work or home. If you would like to discuss securing your email or your broader Cybersecurity strategy, please give us a call [insert link]

Remember the next time you get an email from an African prince looking to off load a small fortune to your bank account, that it is probably malicious. However how confident are you with the mail from that new supplier vying for business attaching their latest case study?

Email Security Diagnostic from Foration

If you would like to find out more about Foration and how we can help you- click here

Paul Weeden

Written by Paul Weeden

Founder & Managing Director at Foration. IT and technology fixer.

Subscribe to our Blog

Recent Posts