Today we get to the core and we’ll review some of the best email security tools on the market, what they are and how to can help protect you.
Ask almost anyone and they’ll tell you that email is the single most important service in their organization. From humble beginnings back in the seventies, it has grown to be the foundation of most modern communications. But being able to send email to anyone and to receive email from anyone is both a blessing and a curse. By opening our inbox to the general public, we also open it to unwanted correspondents. Some of them don’t have any ill intentions and they’re just trying to make a living by sending us some publicity but others have more somber objectives. And while the former is nothing more than an annoyance—albeit a huge one at times, the latter can pose a real threat. To better protect ourselves against the risks of email, let’s have a look at some of the best email security tools.
Before we get to reviewing the best email security tools, we’ll first discuss email security in general. It will help us identify what we are up against. We’ll introduce the different types of threats typically associated with email. They include spam, viruses and other malware, phishing attempts and ransomware.
About Email Security
You’d most likely gather from our introduction that email security is about protecting ourselves from any threats which use email as their vector. That would, however, be only partially right. In fact, email security is a two-way street and is it often as much about outgoing than incoming email. Why so, you may ask? Mainly because your email system could be used by malicious users to send out nefarious communications. How often have we heard of viruses that send malware-infested emails to one’s list of contacts? There is also the remote yet true possibility that a malicious user is present in your organization. This is not unheard of.
So, the goal of email security is that no dangerous email reaches you and that none leaves your email infrastructure. In a nutshell, that’s all there is about it. If we look at it in deeper details, it can get a tad more complicated, though. There are several different types of threats we need to protect against. Let’s have a closer look at the most common ones.
What is spam, exactly? At its origin, Spam is a brand of luncheon meat from Hormel whose name is a contraction of “spiced ham”. How it came to be used in the context of email is a funny story; literally. The origin of the term comes from a 1970 Monty Python’s Flying Circus sketch. In it, all the restaurant’s menu items devolve into SPAM. When the waitress repeats the word SPAM, a group of Vikings in the corner sing “SPAM, SPAM, SPAM, SPAM, SPAM, SPAM, SPAM, SPAM, lovely SPAM! Wonderful SPAM!”, drowning out other conversations. It is well documented that the first instances of using the word “spam” for unwanted messages were referring to the 1970 Monty Python sketch where SPAM singing was drowning out conversation and SPAM itself was unwanted and popping up all over the menu.
Spam is any unwanted email. It is the email equivalent of all those flyers and delivery menus that make it to our mailboxes on a weekly basis. Most of them are legit advertising. Some could even be for interesting products and services although a good deal is for junk such as all sorts of virility enhancements gimmicks. The key to spam is that it is unsolicited and it generally pollutes our inboxes
Viruses And Other Malware
We all know what computer viruses are. They’ve been around for ages—in computer years—and we’re all too familiar with virus protection tools. And everyone knows that email is one of the primary methods of delivery for viruses and other types of malware. In fact, several different methods can be used to insert a malicious payload in an email message or to lead unsuspecting users to some malicious site. Virus-ridden messages are the primary reason why we’ve always been told to never open email attachments from unknown people or attachments that were not specifically expected. Since users are now very aware of viruses, they might not be as popular as they once were but one should never let their guard down.
Phishing attempts are one of the most common types of undesirable email. They are used to collect confidential information from people. I’m pretty certain that you’ve at least once received an email that appeared to come from your bank and told you that your account had somehow been compromised and that you should verify that all is in order an immediately report any suspicious activity. These emails always contain a direct link which claims to take you to your bank’s website.
What it does, in fact, is take you to a fake bank website—one that closely resembles that of your bank—where unsuspecting users will enter their banking username and password, thinking that this is their bank’s site. Once you do that, they have your bank account access credentials and are free to transfer funds out of your account.
This is just one example of phishing. The technique is commonly used to try to gather all sorts of personal and confidential information. We’ve heard of examples where it was used to acquire corporate usernames and password, for example.
Ransomware is not an email threat per se but it uses email so we felt it had to be included. This is especially true when you consider that most email security tools do offer some protection against it. Here’s how it typically works. Note that each case is different and this is just an example. It starts with some kind of virus—often a remote access trojan—which is used to encrypt documents stored on your computer. You are then required—by email—to send a certain some funds to an unknown and unidentifiable destination in order to gain back access to your document(s). The payment is often demanded in cryptocurrency as it is normally untraceable.
Another for of the same threat is when you receive a ransom email stating that they’ve activated your computer’s website and filmed you doing some illicit activity and that they will send the captured video to all your contacts and/or the authorities. While the former type of ransomware is usually real, the latter is, most of the time, made of bogus claims. If someone really had a video of you doing something “wrong” and wanted to blackmail you with it, don’t you think they’d send you a copy of the video to prove they are not joking?
Email Security Tools
Email security tools are complicated tools with a difficult task. They are made to protect you from all the threats mentioned above and then some. The goal of most of these systems is to either remove the dangerous elements of suspicious emails or to delete them altogether. In fact, many systems do offer both types of action which they pick depending on the specific situation. They will typically intercept each and every incoming email before it reaches your email server. They scan messages and strip them of any nefarious content before forwarding them to your organization’s mail server(s).
The best systems will also work the other way and scan every outgoing message after it leaves your server and before it reaches the Internet, ensuring that you are not unknowingly sending dangerous emails to your correspondents.
The Best Tools One Can Find
Much like any other type of tools, email security tools do vary greatly on their feature set. They also vary in their implementation. Some are delivered as a piece of software that you typically install on your local network. Others are offered in the cloud on the Software as a Service model. Let’s have a closer look at some of the best email security tools we could find.
1- SolarWinds Mail Assure (FREE TRIAL)
SolarWinds Mail Assure is a product of SolarWinds MSP, a division of SolarWinds that specializes in tools for managed service providers and large organizations. It was born from the union of SolarWinds, SolarWinds N-able, and LOGICnow, three major players on that market. SolarWinds, in case you don’t know the company, is the maker of some of the very best monitoring tools. For example, its flagship product, the Network Performance Monitor has received rave reviews and is considered to be one of the best network bandwidth monitoring tools. SolarWinds is also famous for its many free tools, each addressing a specific need of network or system administrator. The Advanced Subnet Calculator and the SolarWinds TFTP server are two excellent examples of these free tools.
Getting back to SolarWinds Mail Assure, the tool is a true multi-functional product that can address most—if not all—email security concerns. Here’s a quick rundown of the tool’s primary functions. The tool can help protect your business against spam, viruses, phishing, malware, ransomware, and other email-borne threats by using collective threat intelligence gathered from all Mail Assure customers. The tool’s intelligent email protection engine is continuously updated with data about threats detected by over 2 million secured domains in over 85 countries. The service also features tamper-proof mail archiving, email continuity and complete support for Office 365 and Exchange from Microsoft.
- FREE TRIAL: SolarWinds Mail Assure
- Official Download Link: https://www.solarwindsmsp.com/products/mail-assure/trial
Mail Assure uses sophisticated threat detection methods to protect against malware, phishing, and other cyber threats. The continuously updated Intelligent Protection and Filtering Engine checks every incoming, outgoing, and internal email. A threat identified in one mailbox updates the detection algorithms for all other users in near real-time, providing incredible protection for your customers, no matter where they are or what email service they use. The system’s email continuity feature lets users log in to a branded email portal, even if their core mail service fails, helping ensure uninterrupted productivity.
Mail Assure’s email archiving protects crucial information and intellectual property and helps ensure availability and chain-of-custody in the event of a legal proceeding. All inbound and outbound email and attachments are compressed and encrypted to provide a cloud-based impenetrable vault.
SolarWinds Mail Assure is one of the best-rated email security systems. It is available as a cloud-based Software as a Service (SaaS) offering. The pricing structure is rather flexible and complex. You need to contact SolarWinds’ sales to get a quote matching your specific needs. If you want to give the platform a test-run, a free trial of the systems can be arranged.
2- Avanan Cloud Security Platform
The Avanan Cloud Security Platform is very different from other products on this list. The company doesn’t offer a product but rather a platform that positions itself between the Internet and your cloud email provider and adds various security services to it. The security tools are from some of the best providers in the field such as Check Point, Symantec or McAfee. What you get is really a best-of-breed approach.
Concretely, the Avanan team seeks out innovative security technology from the industry’s top vendors, as well as small, innovative startups that offer next-generation tools to prevent tomorrow’s threats and then they “cloudify” their products. The company doesn’t just run the third-party applications in the cloud, it takes its partners’ best software and wraps the core technology in the Avanan API, standardizing all their user, file, event, and policy information. Its cloud-native versions are not available anywhere else.
The Avanan Cloud Security Platform is available in three levels: anti-phishing, complete malware and complete could security at prices starting at $3, $5, and $6 per user per month, respectively. Prices are a bit lower when paid on a yearly basis at $2.50, $4 and $5. There is also a custom-priced “a la carte” option where you can choose the exact protections you want. If you want to test the service, a free 14-day trial is available on all packages.
SpamTitan from TitanHQ is a leading business anti-spam filter that controls, cleans, and protects against unwanted emails while blocking spam, viruses, and malware. It claims to be able to block 99.9% of spam, viruses, and other threats that come through email. Despite its rather high catch rate, the product only has a 0.03% false positive rate.
SpamTitan detects spam and other threats through multi-layered analysis including real-time blacklists, SURBLs, sender policy frameworks, and Bayesian analysis. It effectively filters your organization’s email traffic to stop undesirable content from reaching users. It allows you to rest easy, knowing your users never lose genuine email while remaining protected.
The cloud-based platform offers a real-time blacklist, virus and malware detection, and outbound mail scanning. Installation is quick and easy and free support from live technicians is available. The subscription-based service starts at $17/month for 10 users and a free trial is available.
4- Agari Advanced Email Security
The Agari Advanced Email Security solution from Agari Data is AI-based and it claims to understand the human relationships, behaviours, and identities behind email. Equipped with innovations such as the Agari Identity Graph and years of expertise in modelling relationships and behaviours, each incoming email is carefully inspected in a way that no human or legacy security control can approximate. Good emails pass through to the inbox while suspicious communications get discarded or held in quarantine.
Powered by over 2 trillion email messages analyzed annually, the platform can find patterns hidden deep in the data to model good emails and sender behaviours. And because its global data set grows larger every day, the solution becomes smarter and more effective as well – even for zero-day attacks.
The tool’s integrated attachment analysis and detection of account takeover protect your organization from the latest malware-borne threats hidden deep within attachments. Furthermore, its incident response, remediation, and breach containment can reduce the necessary investigative work.
The Agari Advanced Email Security is a Software as a Service (SaaS) solution that is compatible with cloud-based, on-premises, or hybrid email environments. Out of the box, it can protect Microsoft Office 365, Microsoft Exchange, a Google G-suite environments.
Pricing information for this product is not readily available. You’ll need to contact Agari Data to get a formal quote adapted to your specific need. A free trial does not appear to be available but a live demo is.
Canadian-based Zerospam offers more than spam filtering despite its name. The solution offers complete protection against all forms of harmful and undesirable email messages. This includes ransomware and all other types of malware, spear phishing, phishing, DOS attacks, messages containing dangerous links and harmful attachments, good old-fashioned spam and rogue newsletters.
In addition to successfully blocking dangerous messages, Zerospam also offers a complete set of security features. This includes built-in redundancy, confidentiality, automatic mail queuing if the server goes down, on-demand email continuity, optional outbound filtering, TLS encryption by default and effective protection from your own users. The platform uses a unique, proprietary and multi-layered filtering architecture based on state-of-the-art technology and constantly evolving detection techniques.
Pricing for Zerospam is very reasonable, starting at just $0.75/month/user, Furthermore, monthly or annual billing is available based on minimum volume. Detailed pricing can be obtained by requesting a formal quote. A 30-day, no-commitment trial is available and it offers the exact same service and support as you would get if you were a paying customer.