With more and more organizations adopting cloud services such as Gmail Mail and Microsoft Office 365, migrating their mailbox hosting to the cloud, a common dilemma CISOs face is whether to “put all the eggs in one basket”, and trust the hosting provider to protect the mailboxes as well. Most organizational cloud email providers are suited with basic security features, but what about when we REALLY need to make sure our emails are completely safe?
Despite being market-leading players, common cloud service providers seem to fail to secure mailboxes efficiently. Since hosting providers are a main target for hackers, they Lack the ability to provide complementary features which will guarantee Full Encryption and total protection against outside threats along with accessibility from within the organization. Here are some important considerations to keep in mind when keeping our organization’s email safe:
- Common providers allow the option for hackers to easily obtain a “testing” mailbox. through it, they will attempt to run malware against the protection engines until eventually it succeeds to breach through into your personal inbox. From there – the way to millions of inboxes is very short.
- Large email providers are the primary ideal target for hackers. Hackers have more motivation creating malware which is relevant for and capable of infecting as many mailboxes as possible. Breaching through large providers defense would be the most rewarding, thus the preferred target for hackers. In other words – phishing Hosting Providers is simply fishing where the fish are!
- Hosting providers offer various services for their clients. While getting hands on an email account and the contacts it contains may be a nice trophy, Credential Harvesting is most rewarding when it grants access not only to the mailbox, but also to other corporate resources and assets associated with the same Hosting or Cloud Provider.
- With so many subscribers, false positives may turn to be catastrophic. Large providers tend to tweak security filters very carefully trying to avoid false-positives. This could potentially come at the cost of security – preferring false negatives (and passing potentially malicious content), over false positives, thus exposing the organization to more security risks.
- Enterprise Email Hosting requires great capability in terms of managing parallel sessions of users withing the platform. When a huge number of subscribers ask to sandbox attachments at the same time, Performance may become a serious issue . In such cases, security scanning may take a lot of time, sometimes even up to an hour.
- Large providers tend to offer slow and complex interface logging and alerts which normally requires additional subscriptions for extra information and further auditing. This is a big problem when IT resources are limited, or when IT is flooded with various products and interfaces accessed on a regular basis.
- Another great value missing among large providers, is the ennoblement to provide insight into both the attack and the attacker to make it easier to prioritize alerts and respond to threats.
- Large Hosting Providers do not consistently investigate security incidents. Thus, they don’t offer the same security standard as Intelligence security providers do. It is essential for enterprises to posses a security service which is provided by an Intelligence company, fueled by knowledge of security experts, daily investigating the business world’s breaches and hacks.
No protection is a 100% bulletproof in the cyber world, however – the more layers we add to security, the lower the chances of malicious content passing through. 3rd party security services offer great value for enterprises, both when it comes to operational cost savings and in adding another layer of security. Normally, using feeds from various vendors, these providers are capable of spotting known threats at much higher rates, and identifying unknown threats by sandboxing in an isolated environment.
About the author:
Internet Binat provides communication and information security services to the business sector. Our services include internet access, information security, communication infrastructure administration, WAN networks and server hosting in Israel and abroad.