email security LOGICAL SOLUTION Without protections in place, "email is a postcard, not a sealed letter", cautions Jacob Ginsberg, senior director of products for email encryption software company Echoworx. He says people often don't understand the permanence of data and how it can exist on servers long after they've forgotten about it. Sam Elsharif, the company's vice president of software development, reiterates how email is one of the most common ways for hackers to infiltrate a company's systems. He also cites the ruse of using phishing scams, sending out emails that appear to come from a legitimate source, asking recipients to click on a link that then directs them to provide credit card or password information. How do they both believe organisations can protect their email communications? Ginsberg points to how encryption is a logical solution and provides effective protection. And even small and medium size businesses should consider encryption, he says, especially if they deal with data such as intellectual property and customer credit card information. "There are old holdover misconceptions about encryption - it must be difficult to use, only IT experts can understand it, it slow things down - but those are no longer valid," states Ginsberg. "The tools are simple to use and I encourage encryption." With encryption, only users and intended recipients can see the data. For added security - and a tool that addresses phishing - users might want to add a digital signature (a coded message associated with a specific person). Educating staff about email use is critical. Hold regular training, in order to make employees aware of the rules and practices surrounding email, suggests Elsharif. Do your due diligence: research threats and solutions, and review how your organisation stores data, how you email data and how you deal with credit card information. Ensure your company is complying with current regulations. He also advises organisations to consult more than one vendor, depending on their needs. "Everyone needs firewalls and antivirus software. Do you allow employees to access your network from the outside? You may have to look at a VPN (Virtual Private Network). Don't be afraid to check with multiple providers. No one company can do it all." The final message is that technology can be effective in mitigating email threats, but it is important not to rely solely on it. "Nothing beats human common sense," cautions Elsharif. "As a user, try to follow best practices and don't be sloppy when dealing with your data." OUTSIDE IN: BEWARE THOSE SNEAKING BENEATH THE RADAR Clearly, users are highly susceptible to emails that purport to be from 'inside the business' - ie, from the IT team, HR etc - as these seem to come from a recognised user. So, although phishing is now recognised as a well-known technique, time and again users are executing content and disclosing credentials. "One way to solve this issue is to add a simple 'EXT' tag to the subject line of emails, so that those from an outside source can be easily identified," advises Chris Pickering, security consultant at Pen Test Partners, the ethical hacking company. "That way, even if an attacker registers a similar domain name to the organisation's and then tries to impersonate an employee or internal group, the end user will be able to quickly identify that it is not from an internal source and report it." This, he says, can be easily implemented with transport rules and rule actions. "However, bear in mind that unauthenticated emails sent by equipment and software on your network will be classified as external email and will also have their subjects prefixed with EXT. Examples include routers, firewalls, UTM, printers, networking monitoring software and backup software. "To prevent messages from those services and devices being classified as EXT, you need to configure those services and devices to send their messages authenticated. In most cases, this is straightforward, but you may experience issues configuring some Linux software." Chris Pickering, Pen Test Partners: emails from an outside source can be easily identified. 10 computing security May/June 2017 @CSMagAndAwards www.computingsecurity.co.uk
Weleverageinnovativetechnology,automationandapplicationstodeliverrealtimecyber threatinteligencetoourcustomersworldwide. Wecombinetheinteligentuseofourtechnologyandtheindustry'sfinestanalyticalminds toprovideaplatform thatalowsyoutoeasilyandquicklybuildameaningfulcyberthreat inteligencecapabilityidentifyingthedigitalriskstoyourorganisation. REQUESTAFREEDEMONSTRATIONANDTRIALOFTHE CYAX J CYBERTHREATINTELLIGENCEPLATFORM NOW. www.cyjax.com +44(0)2070960668 trial@cyjax.com