The adoption of cloud email is increasing every year, with Google Workspace and Microsoft Office 365 dominating. Now a new report by Gartner notes that many clients have expressed dissatisfaction with default email security solutions, specifically citing Office 365.
A look at the top two
It’s true that Office 365 and Google Workspace offer a wide set of email security capabilities. However, with the rise in business email compromise (BEC), account takeover (ATO) and other attacks, “some malicious emails get missed by Microsoft Defender for Office 365, and in fact by any other email gateway solutions,” according to the Gartner report.
The figure below illustrates the capabilities provided by email security vendors in general.
Questions to ask yourself when evaluating your security needs
- Is your solution blocking things you need?
- If it is missing some email, is that critical for your organization?
- What sort of impact could result from certain types of email getting through to end users (including missed spam, malicious attachments, inappropriate content, malicious URLs, advanced phishing attacks, etc.)?
- Does your current solution have any specialist support for BEC?
- Have you measured how much it’s catching?
- Is your solution able to detect and block these even using the advanced phishing capabilities in Microsoft’s ATP optional add-on?
- Is there the ability to view a single consolidated list of all threat types, and then to sub-filter using layers?
- Can you create different policies to deal with different types of spam and bulk messages, such as spam, malware, phishing, and bulk matches?
- Can your anti-spam policy differentiate based on recipient and based on type of message?
Aside from traditional gateway solutions, security and risk management leaders should evaluate API-based solutions to act as an additional layer of protection.
The report listed the options in the graphic below.
What to know about integrated email security solutions
Gartner suggests adding an integrated email security solution (IESS), such as Perception Point. These services include antivirus and spam detection capabilities to identify threats before they arrive in a user’s inbox. They identify phishing attacks and provide protection for internal emails, along with mail security orchestration, automation and response (M-SOAR) functionality.
They also often include other capabilities such as:
- Machine-learning-based detection trained on existing emails
- Image analysis
- Account takeover detection
- Image recognition of URLs