Secure Email Gateways: Perimeter Security for the Mailbox
In the business world, 90 trillion emails are being sent each year. According to Kaspersky research, over 57% of those emails were classified as spam and malware. This makes email a very real threat vector that can infiltrate a user’s endpoint, branch offices, and even the data center. It’s important as ever to secure employee and user inboxes, and there have been continual advancements in security surrounding products that identify threats and safeguard users against them.
Security Email Gateways are one of the many sets of products used to mitigate email threats. SEGs act as perimeter security for both incoming and outgoing email to ensure that threats from outside an organization can be flagged and quarantined from a user’s mailbox, as well as preventing the spreading of malicious content from a compromised endpoint.
For personal accounts, many popular email providers have some form of SEG implemented that will safeguard individual mailboxes. The business world, however, looks to specialized solutions that will provide a higher level of flexibility and effectiveness to meet the needs of an organization while safeguarding employee mailboxes from compromising attacks.
SEGs for inbound email security work by positioning themselves as an organization’s email server. The system then scans each email that comes in before making the determination to either block a message as spam or send it to an employee’s mailbox as legitimate email. This helps defend against threats outside of the organization such as compromised employees at an organization that has normal communication with the protected business or botnets that are utilized to send out spam.
SEGs for outbound email security work similarly to inbound security except they mitigate email threats from within the organization. An IT administrator can set up their SEG to route all outbound email, to people both inside and outside the organization through its system to apply the same email security scanning and block potential threats.
Security vendors have leveraged solutions that work both with a business’s on-premise email infrastructure as well as enterprise cloud email solutions such as Microsoft Office 365. At Myriad, we focus on leveraging vendors that have moved beyond the standard scanning of emails and use more efficient pattern matching and hashing to balance security and speed to the mailbox. We also look to make sure there have also been improvements on granularity based on an organization’s needs, placing enhanced security and safeguards on more at-risk departments or users, such as an organization’s finance department.
While SEGs are not the only solution in the realm of email security, it is a very effective one, allowing security from the perimeter of an organization’s email infrastructure. As new and inventive ways are being developed to compromise users through their mailboxes, SEGs are constantly evolving to take on these changing threats and will continue to help provide a layer of security on the de-facto standard of electronic communication between business and users on the Internet in general. At Myriad, we’ll work for you to find, evaluate, recommend, and implement the best SEG to secure the perimeter in your business to help keep you ahead of the curve.