At Kosh Solutions, we understand the critical importance of email security - threats are everywhere! To ensure our customers and internal teams are well-protected, we recently held an internal meeting to discuss various aspects of email security. Here are some of the key points discussed that we thought SMBs and IT decision makers may be interested in.
Transitioning Customers from Legacy Security to Microsoft
As part of our effort to enhance email security, we will be slowly transitioning our customers from legacy security provider to Microsoft’s advanced email security services. This process will probably take two years to complete. This move ensures our customers benefit from more robust security features and seamless integration with other Microsoft services.
Microsoft Email Security Features
Speaking of Microsoft, here are some key points to understand:
Microsoft Email Security - Basic
Spam Filtering
URL Filtering
Anit-Phishing
Email Quarantine
Anti-Malware
Email Retention
DNS Security: SPF, DKIM, DMARC
Any Microsoft Licensing that provides email services has access to these basic security measures.
Microsoft Email Security - Advanced
Microsoft's Advanced Email Security includes all the features of basic email security, plus additional enhancements:
Safe Attachments: Scans attachments for malware before they reach the inbox.
Safe Links: Verifies URLs in emails to protect against malicious links.
Email Encryption: Ensures that emails are encrypted both at rest and in transit.
Basic Data Loss Prevention for PII Data: Protects Personally Identifiable Information (PII).
Social security numbers
Bank account and routing numbers
Credit card numbers
Requirements: Microsoft Entra ID P1 feature, included with Business Premium and Microsoft Enterprise 365 Plans (F1, F3, E3, E5).
For a more in depth look at Microsoft licenses here's our article that helps breakdown what organizations and business decision makers need to know: What are the differences between Microsoft Licenses? Managed Service Provider weighs in. (koshsolutions.com)
Encryption Methods with Microsoft Email Security
Available with Advanced Email Protection
Easiest Method:
When drafting a new email in Outlook, go to the Options tab, click the Encrypt button, and send the email as normal. This requires no setup other than assigning appropriate licensing.
Secure Method:
Type "SECURE" in the subject line of the email. Outlook will send the message via TLS.
If the recipient server accepts TLS, the email will appear in the user’s inbox. If the recipient server does NOT accept TLS, the user will receive a link to view the email on a Microsoft-hosted secure server.
Encrypt Method:
Type "ENCRYPT" in the subject line. This encrypts the email for all recipients. All recipients will receive the email in their inbox, provided they have a license. If recipients are not licensed, they will receive a link to view the email on a Microsoft-hosted secure server.
Microsoft’s Email Security Features
Threat Elimination: Exchange Online Protection uses multilayered, real-time antispam and antimalware protection to eliminate threats before they reach the corporate firewall.
Security: Protects the company's IP reputation by using separate outbound delivery pools for high-risk email.
Reliability: Guarantees 99.999% network uptime with a global network of redundant data centers.
Content Filtering: Provides active content, connection, and policy-based filtering to comply with corporate policies and government regulations.
Detonation Capabilities: Scans incoming, outgoing, and internal emails for malicious links and attachments.
Data Encryption: Secures mail communications from being intercepted by cybercriminals.
Image and Content Control: Scans attached or embedded images and content for malware, blocking them from being downloaded if detected.
Advanced Threat Protection (ATP) Features
Microsoft's Advanced Threat Protection (ATP) suite is designed to protect against advanced cyber threats. Key features include:
Live Response: Allows users with appropriate permissions to start a live response session on devices and servers.
EDR in Block Mode: Provides protection from malicious artifacts even when Microsoft Defender Antivirus is in passive mode.
Autoresolve Remediated Alerts: Automatically resolves alerts where the automated analysis result status is "No threats found" or "Remediated."
Kosh Solutions' Annual Audit Process
As part of our annual IT Roadmap we perform for every customer, our technical team will verify that email security measures are properly set up and functioning.
Data Loss Prevention (DLP)
Basic DLP Features
Kosh Solutions has implemented basic data loss prevention features to safeguard sensitive information. These features are designed to detect and protect data such as:
Social Security Numbers
Credit Card Numbers
Bank Routing Numbers
This is not a substitute for Data Governance, which is a much larger set of rules, guidelines, and policies, that are managed by a dedicated person or team.
Email Legal Holds vs. Retention Policies
Legal Hold
Definition: A legal hold is a process used to preserve data for eDiscovery in legal proceedings or investigations. It ensures that data relevant to a legal case is not altered or deleted, even if attempts are made to delete it.
Application: Legal holds are typically applied to individual users or specific subsets of users within the organization.
Retention Policies
Definition: Retention policies are used for general data governance to manage the lifecycle of data. These policies determine how long data should be retained and what actions should be taken after a certain period, such as deletion or archiving.
Kosh's Standard: At Kosh Solutions, we retain data for 7 years from the date of creation. After this period, we cease protecting the data, but we do not delete it.
Application: Retention policies apply to the entire organization, including Teams chat data. This ensures that if an employee leaves, their Teams chats and email can still be accessed if needed.
Comparing GSuite and Microsoft Email Security
For more about the differences and similarities of Google and Microsoft check out this article: Microsoft 365 vs Google Workspace, What's The Real Difference? (koshsolutions.com)
Google’s Email Security Features
Phishing Protections: Gmail blocks over 99.9% of spam, phishing attempts, and malware from reaching users.
Safe Browsing: Identifies dangerous links in email messages and warns users before they visit the site.
Proactive Alerts: Alerts users before downloading attachments that could pose security risks.
Account Safety: Monitors for suspicious logins and unauthorized activity to protect user accounts.
Confidential Mode: Allows messages to expire after a set period and restricts forwarding, copying, downloading, or printing.
Email Encryption: Encrypts messages at rest and in transit between data centers.
Advanced Protection: Includes S/MIME encryption and secure TLS connections for enhanced phishing and malware protection.
Kosh is primarily a Microsoft "shop," so we generally recommend customers use Microsoft or make the switch to MS. However, if setup and used properly, Google can provide similar email security features.
Conclusion
At Kosh Solutions, we remain committed to providing the highest level of email security for our customers and internal teams. By implementing comprehensive data loss prevention measures, understanding the nuances between legal holds and retention policies, leveraging the advanced features of leading email security platforms, and utilizing various encryption methods, we aim to safeguard our digital communications against ever-evolving threats.
Disclaimer
The information contained in this communication is intended for limited use for informational purposes only. It is not considered professional advice, and instead, is general information that may or may not apply to specific situations. Each case is unique and should be evaluated on its own by a professional qualified to provide advice specifically intended to protect your individual situation. Kosh is not liable for improper use of this information.
Comments