Email Security for Small Businesses

Another Layer of Security

I’ve recently added Email Security to my Endpoint Management (EPM) menu of services.

I’ve come to believe that the email vector requires more advanced filtration.

Traditionally, antivirus products (including my own) detect suspicious files “after the fact.” By the time the AV solution can examine the file using its heuristics, the file’s already been downloaded and put on the user’s hard drive. By then, the suspicious file has already defeated a number of safeguards:

  • The safeguards on the mail server to detect and classify the email as a threat or spam were defeated.

  • The behavioral safeguard failed (the end user didn’t consider the file suspicious and downloaded it anyway, or they processed a malicious request to transfer funds or give up a piece of confidential information).

  • The safeguards on the mail client (Gmail web interface or, say, a thick client like Microsoft Outlook) were defeated.

  • The antivirus product didn’t have time to scan the file locally and remove it from the user’s downloads folder (since scans run periodically and the user typically accesses downloaded files immediately).

So, on a Windows PC, the last line of defense is heuristic scanning by Windows Defender and a 3rd-party antivirus product, which provides no protection against zero-day attacks. But that’s if the email contained a MIME attachment (a file) at all.

Even with aggressive spam filters and threat detection enabled at a high level on the mail server, I’m increasingly seeing dangerous content slip through, threatening my user community, primarily from phishing attacks (emails sent to users that look legitimate, convincing the user to transmit money or execute a payload by downloading an infected PDF).

Phishing Attacks

Phishing is an evolving, critical challenge that exploits human behavior. The attacker uses social engineering to deceive users, making detection difficult. I’ve always felt that combating phishing is more behavioral (I’ve convinced users to forward suspicious emails to me if they’ve questioned their validity), and that process helps train people to spot suspicious attributes. I’m still here for that — any client that wants a second opinion on an email can always ask for my advice at any time.

Increasingly, though, I’m seeing my clients hit by phishing scams. Most small businesses have limited resources and time. What they need is a practical, cost-effective solution that renders that opinion at the mail-server level, that screens the email before it hits the user’s mailbox.

My Solution

Complementing my EPM programs, I’m now offering Email Security for Google Workspace and Microsoft 365. It stops phishing attacks with an adaptive AI that combines machine learning, behavioral analysis, and human intelligence, and is managed alongside my existing consoles (giving me instant insight into potential threats). Benefits:

  • Adaptive Email Threat Protection: My solution prevents email attacks with anomaly detection and crowdsourced threat intelligence from 16,000 security teams. It continuously adjusts to new threats with intelligent, self-learning protection.

  • Set up in Seconds: I can deploy and configure easily with just a few clicks for native API integration with cloud-based email providers — no MX record changes, no agents, no separate console. Easy-peasy.

  • Unified Endpoint and Email Security Management: It combines endpoint and email security in a single console for easy monitoring, detection, and response.

  • Rapid Auto-remediation: It accelerates response time with machine learning-based detection, classification, and remediation.

Who Is This For?

I’m thinking anyone with a compliance obligation (HIPAA, GLBA) has the greatest incentive to implement this form of control. The price of civil penalties certainly outweighs the cost.

Companies that manage classified information (Accountants, Medical Practitioners, Attorneys) would want this kind of control to reduce the risk of inadvertent sharing with others.

Anyone who’s been bitten by a phishing attack — they accidentally transferred money to someone they shouldn’t have; they gave up their credit card to a 3rd party; they downloaded a file that granted another party access to their computer; they inadvertently fell victim to a support scam. They’re likely to be attacked again. Further, they’ve been there — they know what that felt like — and the price of the safeguard seems super cheap compared to the risk.

But it’s also for anyone who wants to proactively prevent this kind of thing from happening to them. Phishing attacks are becoming increasingly sophisticated, and I’ve come to believe that relying on human behavior isn’t practical. Another layer of technical safeguards just makes sense.

How Can We Get Started?

If you’re an existing client, just email me. Otherwise, I’m just a hop-skip-and-a-jump away.

Russell Mickler

Russell Mickler is a computer consultant in Vancouver, WA, who helps small businesses use technology better.

https://www.micklerandassociates.com/about