Email Security: A Smart Addition to Any MSP’s Layered Security Strategy
Email is the most common form of business communication throughout the world. Employees from businesses of all sizes spend significant portions of their days receiving messages, managing their inboxes, and responding to emails. In fact, a 2017 study reported that the number of emails sent and received each day exceeded 269 billion worldwide—a figure that is expected to continue to dramatically increase in the years to come. Let’s face it: Email isn’t going anywhere.
While email usage continues to skyrocket, many MSPs still have not tapped into email security software to protect both their clients and their own systems. Many have seen the skyrocketing number of malware attacks initiated through the email vector yet believe that endpoint security is enough to get the job done. MSPs and other channel members reported in a recent VIPRE study that a business shutdown due to a ransomware attack alone, on average, leads to two days of lost business and almost $20,000 in lost opportunity costs.
It is imperative to understand three key reasons an MSP should consider adding an excellent email security solution to its burgeoning cybersecurity arsenal.
- Email is your top threat vector.
A VIPRE Security survey of more than 500 independent IT solutions providers showed that 63 percent of customer infections were caused by spam and phishing emails. This comes as no surprise, with hackers and other bad actors learning how to become extremely effective and creative in bypassing the basic email security and spam filtering built into most email accounts.
They can use various methodologies such as embedded text-based links, macros hidden in Microsoft Office attachments, exploiting poorly set up firewalls, and weaponizing graymail to penetrate networks and deliver malicious malware payloads. Regardless of the methodology used, this threat vector is highly vulnerable as the ransomware-as-a-service market grows and traditional email filters become less effective.
This information raises the need for an advanced and effective email security solution that is preferably cloud-based and has such features as multiple layers of message scanning, advanced macro/scanning, granular policy creation and, if possible, attachment sandboxing. This will ensure protection and remediate much of the concern that is raised over possible breaches due to human error.
- Vital business information must be protected.
As mentioned earlier, most business communication is conducted via email. That also means that a large amount of critical information is passed through email servers. If malicious actors were to gain access to a company’s network, they could easily extract passwords, company financial information and other critical info that is sent via email.
There are multiple ways to prevent vital business information from falling into the wrong hands, but the simplest is utilizing email encryption as part of your email security approach. Look for solutions that enable you to set up custom keyword options that will trigger encryption when they are used in a subject line or email body, preventing information from falling into the wrong hands.
Further, IT admins should be training staff not to send sensitive information via email unless they encrypt it, and not to use unprotected communication methodologies to discuss critical business information (for example, Slack, Lync or inter-office messaging systems).
- Email security provides an opportunity for additional recurring revenue.
MSPs are always looking add recurring revenue streams, which is key to increasing profits. Solution providers must not only maximize revenue from each client, but also find a way to upsell/cross-sell their clients on new services and solutions.
The case can and should be made to clients that an email security solution will improve protection of their end user networks: There are many reasons why email security is a smart addition to a layered security approach, and time is of the essence when it comes to adoption since sophisticated cyber-attacks are steadily rising. It is essential that MSPs and all businesses capitalize on the ability to protect their top threat vector and ensure the security of their business-critical information.
This guest blog is part of a Channel Futures sponsorship.