When you consider the fact that 91% of all cyber attacks begin with a spear phishing email, it is easy to see why it is so important to implement email security software to protect your organization. While most email solutions come with a modicum of security features built into their product, just about every major security vendor offers some type of email security software because the built-in offering is typically not going to provide enough protection; even if you are using Office 365 for email. Software, such as Office 365, works well with the delivery, receipt and organization of email – but for those who are serious about securing their business know that they need to bring in additional help. The trick is implementing the right type of email security software, but how do you know if the vendor you choose is providing you with the right product?
A Product Specific to Your Company
While no one expects the email security software to be built specifically for them, the product does have to match the type of company you are. Certain solutions are highly technical and require a staff of certified operators in order to implement and maintain the software/device. For a smaller company, this may not be an option. They may require an easier-to-use management interface or even a cloud based offering that relies on the vendor’s expertise to take care of installation and basic setup.
Failure to implement email security software properly not only means that malicious emails may find their way through your defenses, but it also may result in legitimate emails being flagged as spam so they are not delivered. The problems associated with false positives are also something that you need to consider when choosing the right solution.
Effective, Up-to-Date Technologies
All too often, email security software offerings rest on their laurels. At one point in time, they may have been lauded as the premier solution in stopping spam and/or phishing emails. However, attackers constantly change to beat current countermeasures so technology needs to evolve. At one point, content filtering was the way to stop malicious emails. Then, Bayesian filtering became the de facto technology. These methods, however, are outdated. You need to implement email security software that includes:
- STMP Challenge/response filtering
- Inbound and outbound SPF
- DKIM inbound filters and outbound signing
- DMARC management
- Zero-hour malware protection
Of course there are other features that you may consider including in your solution as well. Especially if they are not built into Office 365 by default.
The final check when it comes to implementing an email security software solution for Office 365 is to make sure that the user is involved in the process. The end user can be the most valuable resource when fighting against both malicious emails and false positives. Any solution you decide to use should allow users to:
- Rely on a personal quarantine to store suspicious emails and junk email with simple one mouse click options to release wanted messages to the Inbox.
- Create whitelists and blacklists for email senders.
- Provide an option to hold all emails from senders not in the whitelist by default.
- Identify the most malicious emails and prevent users from releasing them to their Inboxes.
This only happens when the email security software you choose is easy for the end user to work with so they are not flooded with junk email messages, and their important emails aren’t identified as spam.
As long as email is a successful attack vector for criminals and scam artists, the deluge of malicious emails will continue to find their way into your email systems. Office 365 may have been a good choice to help your end users work more efficiently with their email, but it is not an email security software solution. For real protection, you are going to have to look outside of your email solution and turn towards an industry leading vendor.
To see how Sendio’s email security offerings can help your fortify your Office 365 email defenses, sign up for a free demo right now and walk away with the confidence that you can fight back against email threats.