EdgeWave: The New Security Battleground Is The Inbox

Security is top of mind for many businesses. More specifically, however, email security is not, John Randall, vice president of product management at EdgeWave, told an audience of MSPs at The Channel Company's NexGen 2018 Conference and Expo Tuesday.

"The new battleground is at the inbox level," Randall said.

The reality is that even though nearly every business has a gateway product in place—something that many security vendors have been offering for years—phishing attacks are still a very common problem. The inbox is a very popular target for hackers, he said.

"Everyone has a gateway today, but organizations are still asking for help," Randall said.

Sponsored post

[Related: ADT Cyber Security Breaking Down Barriers To Detection And Response For MSPs]

The gateway is a necessary pre-email delivery security method, but post-delivery protection comes next.

Users own their inboxes, and once messages come through, it's up to them to know whether or not to open the message—another major part of the battle, Randall said.

"Some users get it and will double-check before they open the message. Others won't," he said.

For Fusion IT, a Grand Rapids, Mich.-based solution provider, employee training will always be one of the most important pieces of email security, said Kyle Wentworth, founder, executive vice president and CTO of Fusion IT.

"I don't care how many tools you put in place. A user who is uneducated is going to figure out a way through it," Wentworth said.

Fusion IT has watched phishing attacks among its customers drop by 90 percent thanks to the prevention education and blind testing it's giving to its clients. Fusion is currently evaluating post-delivery email security solutions.

The EdgeWave solution can help MSPs monitor and send suspicious messages back to EdgeWave for further review. The solution gives MSPs direct access into inboxes, and if a malicious message is removed, users are notified. Once EdgeWave reviews the message through its threat detection system, it is either released back to the user or quarantined, a process that takes about five minutes, said Randall.

If a malicious message is detected, the solution lets MSPs scan other employee inboxes to remove the threat before its accidentally opened. The offering also integrates with any third-party pre-delivery protection system that MSPs have in place today.

"It's a new way of dealing with issues after making it past the pre-delivery protection system that's not related to training," he said.