Inside the Briefcase

IT Briefcase Exclusive Interview: Getting the Most Out of Open Source While Managing License Compliance, Risk, and Security

IT Briefcase Exclusive Interview: Getting the Most Out of Open Source While Managing License Compliance, Risk, and Security

with Kendra Morton, Flexera
In this interview, Kendra Morton,...

Why DEM Matters More Than Ever in Financial Services

Why DEM Matters More Than Ever in Financial Services

Remember waiting in line at the bank? Banking customers...

How to Transform Your Website into a Lead Generating Machine

How to Transform Your Website into a Lead Generating Machine

Responsive customer service has become of special importance, as...

Ironclad SaaS Security for Cloud-Forward Enterprises

Ironclad SaaS Security for Cloud-Forward Enterprises

The 2015 Anthem data breach was the result of...

The Key Benefits of Using Social Media for Business

The Key Benefits of Using Social Media for Business

Worldwide, there are more than 2.6 billion social media...

How to Protect Employees and Data with Remote Email Security Tools

May 12, 2020 No Comments

Featured article by Dean Coclin, Senior Director Business Development at DigiCert

depositions 300x199 How to Protect Employees and Data with Remote Email Security Tools

Stay-at-home measures taken in the wake of the novel coronavirus pandemic are opening more doors for cybercriminals. As the number of remote employees has climbed so have criminal attempts to access email. Companies are at risk unless they adopt email security tools, which slam the door shut on cybercriminals.

During the week beginning April 5, approximately 18 million of the 100 million malware and phishing emails blocked by Gmail were related to COVID-19, according to Google blog post “Protecting businesses against cyber threats during COVID-19 and beyond.” In addition, more than 240 million coronavirus-related spam messages have been caught by Gmail each day.

In the blog post, Google shares examples of phishing emails and scams being used by cybercriminals trying to capitalize on the pandemic:

- Emails where senders pretend to be from the World Health Organization (WHO) or another government agency. These might be attempts to solicit donations or collect personal information.

- Emails that initially appear to be from Human Resources or someone else in an employee’s company, taking particular advantage of remote employees.

- Emails directed at small businesses that try to take advantage of people’s interest in government stimulus packages.

- Emails where senders pretend to be existing customers or partners, possibly encouraging recipients to open an attachment that releases malware.

Email security tools can help block access points to cybercriminals and prevent remote employees from potentially putting company data at risk.

VPN for Network Protection

A virtual private network (VPN) is a more secure option for remote employees than Remote Desktop Protocol (RDP). VPN takes the security, functionality and management of a private corporate network and extends it across a public network. Digital certificates for authentication boost security even more.

VPN providers say demand has soared:

- Use of NordVPN’s business-focused VPN has grown by 165 percent globally and by 66 percent in the U.S. since March 11.

- Product usage of Atlas VPN grew by 112 percent in a single week in Italy. It increased by 53 percent in the U.S. in the first two weeks of March, and could potentially rise to 150 percent by the end of April.

- Customer connections to AT&T’s VPN, called ANIRA, rose by 700 percent in just a few weeks.

S/MIME for Email Encryption

The end-to-end encryption of Secure/Multipurpose Internet Mail Extensions (S/MIME) ensures that only the intended recipient of an email can read the message. It does this by preventing the interception of messages during transit.

The Internet Engineering Task Force (IETF) has adopted S/MIME as “the golden standard in email security,” according to the blog post “Encrypting Your Emails with S/MIME.”

“For anyone where the importance of establishing integrity, upholding privacy, preserving sensitive data and protecting against impersonation matters, S/MIME should be high on the list. S/MIME adoption is becoming more mainstream, and as hosting providers, it’s a great additional tool to be able to offer your customers.”

DMARC for Reputation Preservation

Adopting Domain-based Message Authentication, Reporting and Conformance (DMARC) prevents cybercriminals from deceiving recipients with fraudulent emails masquerading as emails from your company. With this protocol, unauthenticated messages are captured by a recipient’s email provider and quarantined or rejected before they can do harm.

With DMARC policies increasing by 300 percent during 2019, DMARC is an increasingly popular spoof-proofer for the corporate domain. Authentic emails from your domain are the only ones that end up in recipients’ Inboxes. To make the most of DMARC:

- Whitelist all domain senders authorized to send messages on behalf of your organization.

- Set up alerts when fraudulent emails are sent from your domain to learn of all suspicious activity.

- Enforce DMARC to protect your company from attempts by cybercriminals.

DMARC can also protect your employees from falling prey to phishing emails pretending to be from organizations like WHO or other government agencies. During the week beginning April 13, there were more than 18 million COVID-19-specific phishing and malware attacks every day, according to Forrester Vice President and Research Director Joseph Blankenship in the blog post “COVID-19 Campaigns Highlight The Need For Phishing Protection.”

“[One] reason they are so effective is that phishing attacks are one of the only cybersecurity attacks that security professionals will admit to almost (or actually) falling for. We’re feeling the same panic and are extra prone to click,” Blankenship writes. “DMARC’s anti-phishing benefits can be expanded to also include stopping COVID-19-specific phishing attacks from reaching your organization’s inboxes and stopping cybercriminals from hijacking your domains to carry out attacks.”

Protect Remote Employees and Data with Email Security Tools

Social distancing will likely extend through the summer, according to Deborah Birx, the White House’s coronavirus task force coordinator, in an interview on NBC News’s “Meet the Press” on April 26. If that timeline becomes a reality, many workers could remain remote employees for the foreseeable future, making email security a high priority. Support these remote employees and keep company data safe by investing in email security tools.

Dean Coclin Headshot 2020 200x300 How to Protect Employees and Data with Remote Email Security Tools

Dean Coclin, Senior Director Business Development at DigiCert

SECURITY

Sorry, the comment form is closed at this time.

ADVERTISEMENT

Gartner