wonderfully unique software solutions

Employees often unware of compliance and email security needs, says GFI Software

People at work often know little about their organisation’s requirements around email cybersecurity, data management and regulatory compliance, GFI Software has warned in a customer webinar.

Sindy Rodas, pre-sales engineer at GFI Software, said that sensitive information is often communicated via email, unintentionally placing organisations at risk of large fines and audit failures.

“Often, people in an organisation are not aware of compliance and email security best practices. This puts sensitive information at risk of a data breach,” she said. “That’s why malicious actors through the email have direct access to the weakest link in the chain.”

Rodas said that email security and management offerings including GFI Archiver work “seamlessly” alongside Microsoft Exchange, Microsoft365 (formerly Office 365), Google Apps and other email servers to protect emails, calendars, faxes and files.

Archiver can also help with audits and fend off threats from information breaches to productivity challenges with its MailInsights reporting functionality. Only one copy of an email is sent to multiple recipients and attachments are compressed, to save on storage.

Not being able to receive or send emails for one day or maybe just a few hours can directly translate to money losses for some businesses, she pointed out.

“If anyone wants a user – let’s say a company employee – to receive information, whether it is important, whether it is spam, or whether it is something else that might put our network and our business operations in danger, then they know that they can send that information through an email,” Rodas added.

Threats presented via email range from spam, at minimum causing a loss of productivity just because so many spammy emails are sent and received or at worse containing malicious information or links that threaten the network or business, to attacks on the mail server itself, she noted.

Credential theft alone can affect data confidentiality and integrity, and malware can take down network security, data availability, or the business itself. Ransomware can be considered in that category, she said.

“This is going to cause your systems also to be unusable or unusable. And this will affect your data availability overall,” Rodas said. “Last but not least, we have data leakage, which basically refers to someone from the inside of an organisation sending important or confidential information outside of the organisation, which of course should not be happening.”

Organisations need anti-spam filters that include features like rating and greylisting and can learn. Public and private block lists can make sure organisations only receive information from certain senders. Sender policy framework caller ID, custom spam rules and SMTP greeting delays can also be useful.

Firewalling should preferably include reverse-proxy and distributed denial-of-service (DDoS) protection. Mail servers should use close relay and secure authentication, with backscatter attack protection “also a plus”.

In addition to antivirus, full and regular backup, account compromise protection and enforced secure authentication, look for offerings that deliver content awareness, rather than just categorising emails per user. Dedicated email security software will also offer a “proper module” for anti-phishing that can detect executables and Trojans as well, she said.

“You cannot expect everyone in an organisation to be a cybersecurity expert,” said Rodas. “These challenges can affect any business.”

Click here to view the full GFI Software webinar.

( Image by Muhammad Ribkhan from Pixabay  )

Recent Articles

HR workflows take off with DocuSign eSignature at United Airlines

An airline with some 87,000 employees to manage has streamlined human resources (HR) management and processes with e-signature software from DocuSign.

Foxit expands AI integration and distribution of its PDF editor suites

PDF editing software vendor Foxit has expanded its generative-AI integration for PDF as well as announcing a new software licensing agreement and...

TeamViewer Tensor supports remote workers at commodities firm

Asset management consultancy Hartree Partners adopted TeamViewer Tensor as a key tool in the scaling of its remote business operations, covering some...

On-the-job learning engagement rates highly in Vyond/TalentLMS survey

Insufficient on-the-job training may be a deal-breaker for many staff when it comes to whether to leave their employer, a vendor survey...

JetBrains TeamCity eases CI/CD admin for devops teams

Dev tools company JetBrains has released Terraform Provider for TeamCity with a view to improving systems administration capabilities for CI/CD projects.

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox