Advertisement

Security News

10 Things You Need In An Email Security Service

Michael Novinson

From detecting snowshoe spam and compromised cloud accounts to providing simulated phishing attacks, sentiment analysis and oversight of east-west traffic, here are 10 things companies should look for in an email security service.

Understanding That Blocking Spam Isn’t Enough

Businesses can’t leave spam protection behind but now face threats that didn’t exist when their email server was hosted on-premises such as account takeover, lateral phishing and business email compromise (BEC), said Brian Babineau, senior vice president and general manager for Barracuda MSP. Since Office 365 lives online, Babineau said employee email can now be accessed from any device.

There are limited ways to disrupt on-premises Microsoft Exchange such as through spam or attacks that shut down the server altogether, Babineau said. But with Office 365, Babineau said there’s a fair amount of access and damage that can be done since the adversary doesn’t need to make itself known right away and can move around laterally to look for more opportunities to infiltrate the organization.

It’s easier for an attacker to remain unnoticed in Office 365 as it’s gathering information since the entire service hasn’t been taken down even if the adversary successfully took over an individual’s account, Babineau said. Adversaries of late have shied away from a spam-based approach to bringing applications down in favor of taking a patient approach to account compromise, according to Babineau.

 
Advertisement
Advertisement
Sponsored Post
Advertisement
Advertisement