What is Email Protection?
Email protection is a broad concept that comprises many techniques — all built around the safeguarding of digital communications within organizations.This includes traditional security measures such as spyware detection, login security, and email encryption — as well as data retention, e-discovery assurance, cloud or on-prem email archival systems, and disaster recovery and backup.
Email security
One branch of email protection is the set of methods used to stop unauthorized access or compromise of email security systems. This includes:
Login security: There are a number of methods for safeguarding email account access — from employee education on best practices, to routine password cycling by administrators.
Spam filtering: Automated message filtering can prevent malicious and fraudulent emails from ever reaching employees’ inboxes. For example, cyber criminals use phishing methods to retrieve sensitive information from unsuspecting users, by pretending to be employees within the organization, or by embedding seemingly innocent links into emails. Spam filtering and automated spear phishing prevention technology can help to identify and quarantine suspicious content so administrators can determine its risk.
User security: Email filtering tools can’t catch email attacks that bypass the filters to reach users via their personal email, voicemail, or SMS. There are a number of training services that can help educate employees on security awareness, by simulating real network and email intrusions.
Email encryption:
Email encryption is critical for protecting the contents of email from unauthorized access, both in archives and as it is accessed and read.
Employee education: In addition to implementing the right technologies, organizations must ensure that employees are trained in best practices for the safeguarding of sensitive data.
Email backup and archival
While security is essential in the protection of email, it’s also important to pay attention to the archival process — used to ensure the longevity and integrity of the underlying data. Even when it’s no longer at risk of being compromised by a cyber attack, email still needs to be stored securely, and be retrievable, for legal and business reasons.
There are many business and organizational reasons for archiving email communications. Email often serves as critical, if informal, documentation of why and how certain decisions were made — and as an archive of relevant information. As a result, most employees benefit from a robust, complete, and easy to search archive of their communications. Techniques involved in email preservation include:
Email archiving:
Email archiving is the act of preserving and making searchable all email to/from an individual. Email archiving solutions capture email content either directly from the email application itself or during transport. The messages are typically then stored on magnetic disk storage and indexed to simplify future searches.
Email compression: The process of reducing email file sizes (as well as the sizes of any corresponding attachments). It often functions as an integral part of an email archival system. When combined with deduplication, offline or cloud backups, and file stubbing, email compression allows email storage and archival costs to be kept to a minimum.
Email retention policy:
Organizations in many industries are required by various governmental regulations to retain email content and metadata such as timestamps, senders, and other delivery information. Written email retention policies can be relied upon as a legal protection if proof of email communication is needed for a court case or to satisfy governmental regulations. An email retention policy covers all emails sent or received by an organization, and contains criteria for how long emails should be stored and in what manner they should be removed from the email archive.
Disaster recovery:
A recovery plan designed around the maintenance of mission-critical functions following a disaster. The effect of data loss or corruption from hardware failure, human error, hacking or malware could be huge — making a plan for data backup and restoration information a basic requirement for all modern organizations. Developing a thoughtful disaster recovery plan helps organizations minimize the risk of economic loss, operations disruption, and diminished brand credibility, when faced with an unforeseen failure.
See which threats are hiding in your inbox today.
Our free Email Threat Scan has helped more than 12,000
organizations discover advanced email attacks.