Email security and threat vectors
Published: Friday, August 30, 2019 written by Andy Flagg
View Count: 141
Keywords: Training, Email, Threats, Vectors, Protection, Phishing
In the past 5 years, the phishing of email users has increased by a factor of 50,000.
Everyday, one person receives over 2-3 phishing scams whether they know it or not.
Some of the threats are caught upstream in junk filters that have the ability to determine packet contents and some items do not get scanned until on the client system with an anti-virus.
Some advanced tools like network packet analyzers at the edge of an organizations business where Internet traffic arrives catches and throws out these packets and contents as foreign threats and not allowed to continue into the business space.
The Advanced Threat Protection envelopes where Internet traffic continues to travel often can be useful inside cloud services but those are often threat vectors that require deep packet inspection and remediation.
Depending on the layer and location of your protection, vendors will vary yet a few always hold the top stop: Symantec, ESET, Sophos, Norton, Panda, McAfee, (Kaspersky, though banned in the US for now) for the client side, then at the edge the firewall vendors and network appliances from Cisco, Fortinet, Comodo and then cloud services like Palo Alto, Intel, Fortinet (again), F-Secure, and other magic quadrant big players
are in the hunt to be the best and still play fairly and competitively.
I use a three layered approach.
1. DNS Email records protection mechanisms
2. Firewall Advanced Threat mechanisms
3. Junk and Antivirus client side mechanisms
and one cannot forget the most important threat, the human threat and that requires constant training, and awareness reminders of the onslaught of potential threats among us in every email we send and receive.
Attachments and URL links are the biggest threat vectors, and inspection of those threats at any and all stages is vital to overall organizational protection.
of course, what comes as some surprise to few, all email should be encrypted end to end, from the client to the server, server to server, and server back to destination client. When email is processed and packet inspected, the encryption takes on an interesting fold and turn, how can deep packet inspection look through the encryption (hmmmmm)... let's ponder that one for a moment...
more to come...
if you found this article helpful, consider contributing $10, 20 an Andrew Jackson or so..to the author. more authors coming soon
FYI we use paypal or patreon, patreon has 3x the transaction fees, so we don't, not yet.
© 2020 myBlog™ v1.1 All rights reserved. We count views as reads, so let's not over think it.