Domain-Level Best Practices
Email threat protection is an aspect in IT that does require attention to the concept of defense in depth, or, implementing as many different safeguards along as many links among the chain of the system in question. For email, we can start at the fundamentals with your domain's DNS records. Many email providers support the use of SPF, DKIM, and DMARC records which all do different things to add credibility to your own domain and help protect against certain email attacks. Most commonly implementing these features don't introduce any new costs and just requires the IT labor to configure.
Email Filtering & Threat Detection
Microsoft 365 and Google Workspace natively have their own email threat protection mechanisms in place but are more on the rudimentary side of effectiveness. Choosing an email threat protection platform like Proofpoint, Mimecast, or AppRiver can help accomplish many needs when it comes to email security. To start, these providers act as a relay for your email, meaning before a message from an external sender hits your mailbox it gets scanned by them first. These providers scan emails to detect malicious links and attachments, signs of spoofing, or more simply spam and junk. With an inbound filter in-place less potentially malicious emails will ultimately land in your users' mailboxes, malicious attachments can be removed, and links evaluated and removed if malicious. Additionally, these providers also offer outbound relay services which is just as important as it means that if a user account was compromised or if a user goes rogue, these providers can scan outbound emails before being sent to customers, vendors, and partners to keep your domain and business' reputations in good standing. At Kraken IT Solutions we partner with Proofpoint for inbound and outbound email threat protection relay services.
Cybersecurity Awareness Training
Proofpoint, Webroot, and KnowBe4 offer customizable cybersecurity awareness campaigns that can be tailor-made for your organization. These campaigns can consist of short videos, slide decks, quizzes, and more and can be delivered monthly, quarterly, or annually to provide your userbase a refresher on good cyber hygiene practices. At Kraken IT Solutions we partner with Proofpoint to create, distribute, and lead cybersecurity awareness campaigns.
There are times where email is either ultimately the preferred method or only method for sending sensitive files externally. Sending such files over un-encrypted emails can have dire consequences if malicious hands were to intercept the email or access the recipient's computer/mailbox where the message will be delivered to. With tools offered by Proofpoint, Mimecast, and AppRiver you can give your workforce the tools necessary to securely send email, At Kraken IT Solutions we partner with Proofpoint to offer encrypted email services, send us an email at email@example.com and we'll send you an encrypted email as an example.
Our owner Aaron periodically posts examples/explanations of common infrastructure configurations as well as pressing cybersecurity news.