Email: The Weakest Link
Email: The Weakest Link? It is a fact that the vast number of emails sent to an organisation are either spam or ransomware attacks, with many targeted hacks starting via email. Even the most careful of us can be duped into clicking a dubious link or opening a dangerous attachment. Traditional email has the confidentiality level of a postcard, easily read by anyone involved in its transport, the problem is clear.
So, it is not surprising that 91% of cyberattacks start with an email and remain the largest attack vector for malicious actors, as it is cheap, easy to use, and provides a direct communication channel into an organisation.
Sadly, so keen are we to open email that simple things are often over-looked, such as checking the addressee’s name. And, we are so used to letting our systems populate our ‘To’ fields that we don’t double check whether it is the correct ‘Paul Smith’ we are sending to. We are constantly told to watch out for phishing emails, but rarely to take care of what we are sending.
Lack of care becomes even more of a problem when confidential or sensitive data is attached. Is it being sent to the correct person, should the attachment be allowed, who else could read the email? Even if it is good to send, how do we know it was received, when was it read and, if it has been forwarded?
Managing email security is a complex challenge that provides organisations with little in the form of competitive advantage. It often makes little sense for organisations to attempt to manage the intricacies of email security by themselves.
As a result, many turn to service providers to handle the issues surrounding email security. Such services aim to provide secure and verifiable collaboration and communication for both organisations and end users. It enables emails to be sent and received securely, as well as providing a verifiable and auditable trail of all communications, in-order to satisfy both security and regulatory compliance requirements.
Many of these services are cloud-based with some requiring the user to adopt a solution specific application. The better and more versatile products work on any standard infrastructure that is already in use, including all the main email applications.
Such secure email services can be used as a standalone service or as one that is integrated into workflows that are in place. This means that neither the sender nor recipient of emails needs to change anything that they do in terms of the way that they are used to dealing with emails. They work with any email address, turning a normal email into one that is secure, such as the way that normal mail works, but is registered. It ensures that all email can be traced to the original sender and recipient via the transaction register that is provided through the service.
Ordinary emails will then be brought into compliance with requirements such as data privacy and protection laws and other industry standards. It also extends coverage to any mobile device use.
Digital Pathways research has shown that a secure email service could save up to 75% of the cost of sending a physical letter, meaning that even the most sensitive and confidential information can easily be sent in a cost-effective manner that serves the purposes of any organisation. It will enable productivity gains, elevating emails to the level of registered mail for a fraction of the cost.
Having good anti-virus (AV) protection is a must when it comes to protecting email. Most secure email gateways have one anti-malware engine, and no matter how often virus definitions are updated, any given anti-malware engine is going to miss some threats. Current best practice, is to add more AV scanning engines, called multiscanning, to increase the detection rate of malware. By using more than 20 anti-malware engines, companies can reach a detection rate of more than 99% so that a new threat can be quickly detected and remediated.
Along with ensuring a high detection rate of malware, multiscanning also identifies malware outbreaks more efficiently, by consolidating virus definition database updates. As the number of antivirus engines increases, the time of exposure to malware decreases. With more than 20 anti-malware engines, an organisation can significantly reduce exposure to malware to less than 10 minutes.
Multiscanning technology also improves the detection of outbreaks by using a variety of engines using a mix of heuristic, machine learning, and signature-based detection. AV engines support pattern (or signature) matching to detect malware variants that exhibit similar behaviour to other variants in the same malware family. AV engines, using only definition databases, are less suitable for this purpose, while engines using artificial intelligence and behavioural heuristics can identify complex viruses, even polymorphic and unknown (zero-day) viruses.
With the risk of substantial GDPR fines, gaining control on emails and ensuring you know where sensitive data is being sent is critical. The way email, and the sharing of documents, are handled needs careful consideration and protection. The excuse that an email went astray, or personal information was disclosed to a non-authorised party, will no longer be tolerated.
Email has become an essential communication tool, vital for almost every organisation and consumer. But security is a must. Ensuring all communications are done in a secure, cost-effective manner is no longer simply an option.