What is the best email security solution

More email security in the cloud - best practices for Office 365

Office 365

, Munich, SonicWall | Author: Herbert Wieler

Recommendations for action for more e-mail security in Office 365

Microsoft is at the forefront of cloud applications. The Office 365 service enables collaboration in the workplace with not only a core email application, but also with many other popular Microsoft Office apps. This potential for open information exchange also makes Office 365 a primary target for hackers.

Most organizations understand that modern emerging threats still exploit email as the primary vector of attack in delivering their payload. Targeted, coordinated attacks, data leaks and email threats (including ransomware, phishing and spam attacks) also threaten cloud-based email services such as Office 365.

Although Office 365 includes some security measures, many organizations are recognizing the need to strengthen these basic security controls. According to Gartner, at least 40% of Office 365 applications should also be protected by third-party tools by 2018.

In addition, leading industry analysts including Gartner and IDC recommend strengthening Office 365 by integrating third-party email security solutions that include at least the following key components:

  1. Advanced Threat Protection - Advanced threat protection: Most anti-virus solutions are signature-based and therefore not effective against effective threats like ransomware. A sandbox environment is required to detect and prevent ransomware and zero-day attacks before they can reach the network.
  2. Known Threat Protection - threat protection for known malware: For effective security against attacks using known malware, it is recommended that multiple virus detection engines be used to scan emails and attachments for viruses, Trojans, worms and other types of harmful content.
  3. Phishing Protection - Phishing Protection: Phishing campaigns have established themselves as the best way to spread ransomware. The minimal protection requires an e-mail security solution that includes an advanced analysis of the e-mails, with body and attachments, by using a sandbox environment.
  4. Fraud Protection: Hackers use advanced tactics such as spear phishing, whaling and CEO frauds to steal personally identifiable information or to prepare for the attack by identifying emails from the organization. Granular configurations for email settings, including SPF (Sender Policy Framework), DKIM (Domain Keys Identified Mail), and DMARC (Domain-Based Message Authentication, Reporting, and Conformance) can prevent illegitimate messages from entering your organization.
  5. Spam Protection - Spam Protection: To ensure that spam doesn't clog inboxes and network resources, the company needs an email security solution that uses multiple methods of detecting spam and other unsolicited email, including black / white lists for users, domains and mailing lists and the ability to activate third-party blacklists.
  6. Advanced Reputation Management (ARM) - Advanced reputation management: The collaboration of the reliable SonicWall Capture Threat Network sources with SonicWall Advanced Content Management (ACM) offers a dynamic and up-to-date analysis of the email components with regard to potential damage to the company's image.
  7. Data Loss Prevention - Prevention of data loss: The most sensitive communication in an organization also requires the highest level of protection. The best measure is to encrypt all e-mails and attachments with a service that works well with the e-mail security solution used.

How SonicWall Hosted Email Security (HES) can extend security to Office 365

SonicWall Hosted Email Security (HES) is a layered defense service integrated with SonicWall Capture Advanced Threat Protection (ATP) that provides fine-grained, cross-user inspection of SMTP-based traffic to block zero-day threats.

SonicWall HES includes advanced compliance scans, email management and optional email encryption to prevent confidential data leaks and regulatory violations, and to ensure the secure exchange of sensitive data.

No additional client software is required with SonicWall HES. The service also includes DMARC, a powerful email authentication method that helps identify spoofed emails to reduce advanced phishing attacks.

SonicWall HES extends Office 365 with a layered approach to defense against advanced email threats. It delivers anti-phishing, anti-spoofing, anti-spam, multi-engine AV and data loss prevention for comprehensive protection.

Solutions Brief SonicWall HES