A sharp increase in mass remote workforces added to the already significant exposure, both legally and from a cyber perspective, posed by malicious and inappropriate web content. With an ever-growing range of threat vectors and sources online, security teams struggle to identify, block and adapt to this deluge – driving up risk and adding to the burden placed on already overloaded front-line teams.
Sapphire helps organisations with advanced web and email filtering capabilities. Powered by cloud-based and or on-premise security systems, this platform can analyse billions of incidents daily and apply policies or security controls tailored to the specific operating environment. This reduces workload and increases effective resource allocation.
The definition of email security is the controls for keeping sensitive information in email communication and accounts secure against unauthorised access, modification, loss, or compromise. The spread of malware, spam, and phishing attacks is often accomplished using deceptive email messages to trick the recipients into opening malicious attachments, leaking sensitive information or clicking on embedded URL links that install ransomware and other malware on the victim’s computer. Email is also a common starting point for attackers to footprint an enterprise network in the early reconnaissance stages that lead to an actual attack.
Spam is traditionally defined as unwanted or junk email. Whether this is purely nuisance email messages akin to the junk mail that is posted through your front door letterbox or, more frequently, a message is seen to be problematic when it may contain upsetting, profane, racist material or more malicious factors enticing users to click on obfuscated hyperlinks to malware, phishing and spoofed web sites. Email and spam filters can block these messages using multiple detection techniques before they are delivered to the end-user.
Email used to deliver malware to a user can be sent as an infected email attachment containing the malware or an embedded URL or hyperlink to the malware. Sometimes the embedded hyperlink is only weaponised at a later date, so real-time analysis of the hyperlink is essential at ”user click-time”. Infected files can be scanned using signature-based detection techniques and more modern analysis techniques such as real-time sandboxing that can detect ”zero-day” malware over and above that which traditional signature-based detection techniques would miss.
Email transmitted from organisation to organisation can be sent in clear text, making it vulnerable to interception and subsequent data loss. This data transmission can be encrypted to prevent eavesdropping (data-in-transit) but does not secure against messages that reside on the user’s mailbox (data-at-rest) or inadvertently sent to an incorrect recipient, again causing data loss. Encryption can therefore be performed by a variety of tools and methods, ensuring against loss, tampering, spoofing, and ensuring that only the intended recipient can read the message.
Data loss prevention stops data infiltration and exfiltration capabilities and can be integrated with industry-leading systems.
Unique in-built phishing education features can help users adopt best practices and identify those who need additional training to improve their security awareness.
As an admin, it is crucial to keep track of the user’s email activity. Mail traffic and usage reports can identify any email activity anomalies and take necessary action to overcome security incidents and compliance challenges.
Web security refers to the control and measures in place to protect an organisation from threats and cybercriminals using the web as a communication channel. This communication channel is usually, but not limited to, users web browsing and application access. Web security is crucial for protecting users, data, and organisations from risk. Common risks from web threats include ransomware, malware, phishing, malicious sites, and many other inappropriate categories.
Web security controls are similar to those of email security filters in that anti-malware detection, blocked URL categories, user authentication and enumeration, monitoring, and reporting come together to form a comprehensive security gateway or security service that can be used even by remote workers.
A cyber-attack often leverages both the Web and Email channels to accomplish an attack on an individual or organisation. The implementation of a combined web and email solution can significantly enhance the security posture of an organisation.