The topic of email security is frequently in the news. In December 2022, Rackspace’s Hosted Exchange service was the victim of a ransomware attack. Thousands of business customers had no access to email for days.
There are many reasons why cybercriminals infiltrate email servers and email clients. In a typical business email compromise, an attacker takes over a CEO’s email account and asks an unsuspecting employee to transfer funds to a fake account.
For a company that uses a cloud-based email and data storage system such as Google Workspace, what are the assurances that their organization’s email and other data are secure from external threats and employee mistakes?
Google has published a 22-page Google Workspace Security Whitepaper. Unless you’re an IT professional, the details in this paper may make your eyes glaze over — but it’s still worth skimming through the pages to understand the overall scope of the security effort.
Based on the whitepaper, here’s a synopsis of what it takes for a cloud vendor to secure email and other customer data.
A Culture of Security
How a company operates usually stems from the type of culture that leadership promotes. A culture of security begins with hiring the right people. It also includes initial and ongoing security training for employees.
In addition, there should be a team of people who are dedicated to security and privacy.
On the operational side, there should be continual monitoring for vulnerabilities using commercially available and custom tools.
Malware prevention includes scanning all indexed websites for sites that may be vehicles for malware or phishing. Multiple anti-virus engines protect users from malware.
What’s commonly referred to as “the cloud” is a geographically distributed collection of data centers, some of which house several hundred thousand servers.
First, it’s crucial to control physical access to these facilities tightly.
Using custom hardware and software creates a consistent environment that makes monitoring for any warning signs easier. Data should be encrypted at all stages — at rest, in transit, and on backup media.
Protection from Phishing Attacks
Gmail has strong phishing email detection capabilities. Google Workspace has advanced security settings for tailoring what actions to take on specific types of email.
For example, a Workspace administrator can decide whether suspicious emails should be delivered to a user’s inbox with a warning — or automatically sent to the Spam folder.
A third option is to quarantine questionable emails. An administrator can then review these to determine whether or not they are safe and selectively allow messages to be delivered to a user’s inbox.
In late 2022, Google announced a beta of client-side encryption for Gmail body text and attachments. This beta is only available to customers who use Google Workspace Enterprise Plus, Education Plus, or Education Standard.
User and Administrator Empowerment
There are actions that administrators and end users can take to improve email security.
Administrative actions include enforcing strong passwords and requiring organization-wide multi-factor authentication.
Independent Third Party Validation
To avoid any elements of “the fox guarding the hen house”, it’s important to use third parties to audit data centers, infrastructure, and operations.
“Email Security” isn’t just one thing. It’s a widely assorted blend of strategies and actions. Email security isn’t static either. Threats are constantly moving and morphing targets.