Page 10 - Cyber Defense eMagazine - March 2018
P. 10

THERE ARE MULTIPLE WAYS TO CAN TACKLE EMAIL SECURITY:

               1. ENDPOINT SECURITY SYSTEMS

               Endpoints  (PCs,  laptops,  mobile  devices,  etc.)  can  be  critical  risk  factors  for  your
               organization. To keep endpoints secure, you’ll need an endpoint security management
               system in place. This can be either a software application or a dedicated appliance that
               enables  you  to  discover  and  manage  any  devices  trying  to  access  the  corporate
               network. An endpoint security system enables you to limit access from non-compliant
               devices  or  quarantine  them  in  a  virtual  LAN  (VLAN).   Within  this  field,  Tanium  and
               FireEye are suitable options for businesses. Tanium is essentially a search engine for IT

               data;  you  can  search for devices  (even  those  you  don’t  know  about), find  vulnerable
               endpoints  and  take  appropriate  action.  FireEye  conducts  automatic  searches  for
               malicious endpoint activity, allowing you to isolate compromised devices quickly.

               Protection:

                   ●  Phishing - No
                   ●  Spear Phishing - No
                   ●  Malware - Yes, if the malware gets downloaded on the endpoint
                   ●  Email Scams - No



               2. ANTI-SPAM PROTECTION

               No anti-spam method is perfect, and usually any spam filtering system requires a multi-
               pronged  approach:  end-user  action,  automated  tools,  email  sender  action  and  legal
               regulation. End users must be encouraged to be careful providing the corporate email
               address, avoid using it on forms, online publications and so on.         Automated systems
               can  provide  further  protection  by  screening  for  known  spam  addresses  (blacklisted
               senders), scanning inbound messages for viruses and using machine learning to remain
               constantly  up  to  date.  Relevant  options  would  be  SpamTitan,  which  can  be  installed
               locally  or  in  the  cloud,  and  Symantec  Email  Security,  which  strengthens  the  security
               level  of  Office  and  Google  products  by  conducting  careful  email  screening  before
               delivery.

               Protection:


                   ●  Phishing - Yes (for generic phishing attacks)
                   ●  Spear Phishing - No
                   ●  Malware - Partial (No for ‘zero day malware’)
                   ●  Email Scams - No




                   10    Cyber Defense eMagazine – March 2018 Edition
                         Copyright © 2018, Cyber Defense Magazine,  All rights reserved worldwide.
   5   6   7   8   9   10   11   12   13   14   15