10 Things You Need In An Email Security Service
From detecting snowshoe spam and compromised cloud accounts to providing simulated phishing attacks, sentiment analysis and oversight of east-west traffic, here are 10 things companies should look for in an email security service.
Simulated Phishing Attacks
Users need to be educated around how bad actors get into our digital lives and what malicious emails typically look like, according to Hal Lonas, chief technology officer of SMB and consumer for OpenText. Employees should be trained to question things such as instructions from a supervisor to wire money or provide assistance with a password, Lonas said.
Workers only retain the lessons from security awareness training for a few months, so Lonas said users need to be constantly retrained and reminded of the latest security threats. Specifically, Lonas said running a companywide phishing simulation and scoring users on how well they respond can be eye-opening, particularly for a small business.
Small businesses often think they’re OK and are subsequently surprised by how much their employees click on, which Lonas said shines a light on what future security training should focus on. Organizations can do recurring phishing simulations to fulfill compliance requirements and ensure they’re getting better over time, according to Lonas.