Is your (cloud) mail infrastructure protected ? (i-Force)

Author: Pieter Van der Hulst (i-Force)

Publication date: 09/04/2021

Despite its pervasive use and age, emails are considered as one of the top attack vectors when it is about security breaches. As per the Data breach statistics, it is being found that the email system is the main source for cybercrime occurrence in 96% of situations. These situations are generally caused due to human errors, which result in a security disaster, and 52% of malware gets installed via email. It is also being observed that organizations are only having 16 min until the initial click on a phishing campaign. Unluckily, the first report from an individual who recognizes the scam email will only be reported after 28 minutes.

Key findings

• 91% OF CYBERATTACKS START WITH A PHISHING EMAIL
• 68% OF SPEAR-PHISHING EMAILS SEEN IN 2020 CONTAIN A URL
• 84% OF MALICIOUS URL THREATS GO UNNOTICED WITH IN-HOUSE SECURITY
• 52% OF THREATS WERE DISTRIBUTED AS MALICIOUS ATTACHMENTS VIA EMAIL IN 2020

Recommendations when choosing a mail protection solution

Block advanced malware

94 % of malware is delivered by email. Use a solution with real time threat intelligence and finetuned machine-learning techniques,

It should be able to protect your Microsoft Office 365 environment from viruses, trojans, ransomware and other advanced malware.

• Detects advanced threats by scanning harmful contents in file attachments found in Exchange items.
• Advanced threat analysis that uses machine-learning techniques and sandboxing environment analyses potentially malicious files in virtual environments. Identifies and blocks even the most sophisticated zero-day malware and exploits.
• Leverages real-time threat intelligence gathered from other security clients  for faster and better protection against new and emerging threats.

URL protection

Email protection should detect threats that users don’t notice. A Cloud Protection for Microsoft Office 365 should identify and block malicious files and URLs that would bypass human control.

• URL protection proactively prevents Microsoft Office 365 users from accessing malicious or unwanted content. It prevents users from being tricked into accessing seemingly legitimate phishing sites and malicious sites.
• Scans the body of the Exchange items and queries the reputation of included URLs . If the link is deemed malicious based on the information received from the query, the access to the URL is blocked.
• All content types including email, calendar invites, and tasks are scanned for malicious content (and not only the email items).

Easy deployment

Choose a Cloud Protection for Microsoft Office 365 that is easy to deploy within minutes.

• The installation wizard makes deployment extremely fast.
• Leverages cloud-to-cloud integration and does not require additional middleware or software.
• Be able to use default policies to speed up the deployment. Default policies with rules also help to eliminate configuration errors that can leave your security environment exposed and ineffective.

Easy management

Manage everything through a single cloud-based console. A webportal should simplify the deployment, management and monitoring of endpoint security components and integrated tools.

• Worry-free administration in a single portal.
• Full integration readiness for third-party management tools.
• Customizable reporting function.

Read the original article here