It’s a fact of life. Most hacks, data breaches and malware intrusions start with a simple email. No matter how well you train your staff, sooner or later someone – it could be anyone – will click on a dodgy email and Zap!, your network will be compromised. According to Verizon’s most recent Data Breach Investigations Report ‘the median time to the first click on the attachment [of a phishing campaign] to infection was 3 minutes, 45 seconds.’ A compromise happens in minutes.
“Email continues to be the primary form of corporate communication as well as the leading source for malware, phishing attacks, spam and the loss of critical business and customer data,” says Gary Gardiner, A/NZ director of engineering and services at Fortinet, a global leader in the provision of advanced cyber security solutions. “As a result, secure email gateways and filtering solutions are critical lines of defence for your network infrastructure. The email filter works ahead of other defences, including detection and response systems, to analyse and block email before it is delivered to employees or customers.”
Email protection part of your security profile
Protecting your email should be a vital component of your integrated security profile. “The days of point security solutions are long gone,” continues Gardiner. “All the components, including your firewall, anti-virus/anti-spam, data loss prevention (DLP), secure wireless access points, controllers, switches and, of course, email gateway, should be tightly integrated and continuously updated. This might seem excessive for a smaller enterprise, but, compared to the cost of having your network compromised, it is an expense well worth the price.”
Indeed, many vendors, including Fortinet, have security solutions optimised for the mid-market. “Fortinet is unique in as much as they have reduced the security ‘logic’ to fit into a small chip, the FortiASIC (CP8), which provides all of the security processing and content inspection services requirements outside of the direct flow of traffic,” comments Gardiner. “This means that there is virtually nil latency as the email inspection takes place. Legitimate traffic passes through without any degradation in service whilst any suspect traffic is immediately tagged for further inspection.”
Cost-wise, combination entry-level firewall and email protection is well within the budgets of most small-to-medium businesses. As your traffic requirements evolve and grow over time, you can scale up to support faster throughput. The content inspection and email protection will remain the same. In short, Fortinet’s entry-level firewalls and email inspection services provide the same capabilities and functionality as the enterprise infrastructure. The only difference is in the processing speed.
With today’s high-speed networks and the proliferation of Australia-based managed security service providers (MSSPs), you can protect your email via three basic deployment options. You can purchase the equipment and install and maintain it at your premises. Or you can lease the same equipment and operate it in conjunction with a managed service provider (the co-host solution). Or you can simply contract an MSSP to filter all of your email at their site before it even goes to your networks. Each of these options has strong-points…it all depends on your own in-house capabilities, budgets, growth plans, etc. The fact is that you can protect your email and network at a cost you can afford. The only thing you can’t afford is to have your network compromised or worse because of an easily-prevented email-based hack or intrusion.
“Give us a call,” concludes Gardiner. “We’ll quickly ascertain your requirements and put you in touch with one of our Partner specialists who can help you protect your email and network. It’s neither particularly difficult nor expensive. All it takes is a basic understanding of the issues and the commitment to take positive action…before it’s too late.”