Author Archives: Andrew Turner

The Benefits, and Potential Challenges of, Cloud Email Platforms

Welcome to the second installment of our look into the future of the email security market! In our previous entry, we looked at the continued relevance of the Secure Email Gateway (SEG) and discussed how Cisco’s Cloud Email Security (CES) provides our customers with versatile and comprehensive configuration and security options. This time, we’ll be exploring the simplicity and appeal of emerging cloud email security technologies.

The simplification of anything is always sensational. This was true when noted British philosopher Gilbert Chesterton wrote it in 1903 and a little over a century later, it still rings true today. Now, it’s cloud technologies that offer a way to sensationally simplify the administration and operation of key business technologies. From the office applications we all use on a daily basis, it is now a viable option for administrators to move keystone technologies such as their Identity and Access (Active Directory and LDAP) or their Email server (Exchange) to the cloud.

This allows your administrators to leverage the scale, resilience, and upgradability inherent in cloud architectures to simplify their operational practices and maximize their use of expensive skills and resources on higher-value activities. After all, it’s far more effective for your email administrator to focus on the email policies that are unique to your business instead of worrying about the availability and scale of your Exchange server — never mind the nightmare of applying the latest and greatest security patches!

However sensational this is, simply moving your Exchange server to Office 365 (O365) does not mean that all the concerns of the past are gone. Email continues to hold its title as the number one threat vector. The Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) recently announced that between January 2014 and October 2019, they had received complaints totaling over $2.1 billion in actual losses from Business Email Compromise (BEC) scams targeting Microsoft Office 365 and Google G Suite. BEC, also known as Email Account Compromise (EAC), is a form of fraud in which criminals use social engineering, deception, or other intrusion techniques to conduct unauthorized transfers of funds from a business to a fictitious supplier. The cybercriminals behind this invest in developing and designing phishing kits that target these cloud platforms, and in the words of the FBI “particularly Office 365 given its dominant market share.”

So, what can be done?

Put simply, the base security in Office 365 needs some augmentation. Microsoft offers several options to enhance the base security of the product via additional Advanced Threat Protection (ATP) 1 or 2 plans, or the Enterprise E5 offer.  These add additional security around areas such as Safe Attachments, Safe Links/URLs, Phishing Protection as well as reporting and visibility options. The very existence of these products from Microsoft points to the need for customers to consider their security and how best to adjust that security to fit their specific needs.  Naturally, there are options available from other vendors, including Cisco, to help address this need!

In this era of APIs, Microsoft has built Office 365 from the ground up with cloud capabilities like the Graph API that allow for the enrichment of native functionality. In fact, Gartner recently created a market category to track these solutions, which they’ve dubbed the Cloud Email Security Supplements (CESS) market segment. Moreover, Gartner also recommends a CESS to address gaps in the advanced threat capabilities of existing solutions. In our next blog, we will be examining in more detail what supplementary security is and the problems it addresses.

If you would like to learn more about how Cisco Cloud Email Security can improve your approach to cloud email security, be sure to check out the following:

Top Three Reasons Offi­ce 365 Customers Choose Cisco Email Security

Your Complete Office 365 Cloud Email Guide

Email Security Buyer’s Guide

The post The Benefits, and Potential Challenges of, Cloud Email Platforms appeared first on Cisco Blogs.

The Future of the Email Security Market: The Importance of the Secure Email Gateway

Welcome to the first in a series of blogs on the future of the email security market and how you can leverage the latest technologies to secure your cloud email deployments. Our goal is to make these blogs easy to consume and publish them on a regular basis.

While much of the content we will cover here will be about new and emerging ways to protect cloud mailboxes, it’s important to start with a view of the continued relevance of the Secure Email Gateway (SEG). The SEG technology space, and Cisco’s Cloud Email Security (CES) in particular, is still a valuable part of the enterprise content security strategy. It’s strength lies in its versatility and comprehensive configuration options that can produce unparalleled efficacy when tuned by knowledgeable administrators and engineers.

Cisco Email Security: Strengthening the Email Pipeline


The graphic above illustrates just how comprehensive Cisco’s gateway offering is. In the top left, we can see connection-time protections that are only possible with SEG products. Administrators have long accepted that essential mail server hardening was not sufficient to protect their environments from attacks like directory harvesting. With the move to O365 administrators no longer have to perform infrastructure maintenance like patching, but well-resourced security organizations still value granular connection time controls to defeat complex attacks that target the infrastructure rather than user’s mailboxes. The Connection and Content Filtering engines referenced in the graphic above when correctly configured are well-positioned to mitigate this kind of attack.

This is just one example of the kind of protection that Cisco’s Cloud Email Security (CES) allows customers to bring with them when they migrate away from on-premises email servers. Experienced CES administrators are adept at crafting message filters to deal with targeted campaigns and emerging threats that have not yet been identified up by research groups or content scanning engines. The ability to narrow these rules to groups and individual users is powerful in the hands of security operations engineers who require scalpels to meet the varying demands of their departments. These often require specialized policies that address particular needs while maintaining the integrity of their email communications. The availability of multiple quarantines addresses shortcoming of the junk folder-centric Microsoft approach for those who need a more nuanced set of tools.

These examples do not cover all of the use-cases and benefits of CES for cloud email customers (for that, you can explore the user guides and product video), but they do illustrate a key message. The SEG space offers granular, customizable controls that are incredibly powerful in the hands of well-trained administrators and engineers.

If yours is one of the organizations who don’t require the granular controls and customization of SEG and simplicity is the most appealing aspect of moving to the cloud, then follow us as we continue this series by examining emerging cloud email security technologies.

In the meantime, read more about the layered approach to email security that makes Cisco Email Security an industry leader.

The post The Future of the Email Security Market: The Importance of the Secure Email Gateway appeared first on Cisco Blogs.