
A Comprehensive Guide to Email Security Solutions
When a senior employee at an insurance firm fell for a Microsoft impersonation phishing email, nobody realized their credentials had been harvested. The cyberattacker cleverly hid their presence by setting up specific email filtering rules, then sent two high-value invoices to real clients, totaling $300k.
Fortunately, the attack was detected, multi-factor authentication was introduced, and the security provider contained the threat. But it still impacted the insurance firm’s relationship with its biggest clients, leading to reputational damage and potential revenue dips.
In this comprehensive guide to email security solutions, learn about the most important features of any email platform, best practices in securing your company accounts and compare providers to determine which is the best email security software for you.
Email Security Protocols and Best Practices
Email security protocols are processes and tools that exist to block threats and promote safe emails within the channel. They’re integral to any organization, because they automate many of the necessary security practices to keep the channel confidential, and prevent the likes of data breaches and fraud.
Here are some of the email security best practices and protocols:
| Protocol | Definition | Impact |
| --- | --- | --- |
| Malware detection | Ongoing scanning for foreign intruders, viruses and unauthorized parties | Provides the first line of defense as a barrier against security threats |
| Phishing prevention | Block unverified links and senders who may not be what they appear | Reduce the risk of losses, unauthorized access, and reputational damage |
| Spam filtering | Prevent suspicious messages from landing in the inbox | Locks inboxes against threats and increases productivity |
| Authentication | Validate account ownership and verify credentials upon login | Reduce domain spoofing and make suspicious account activity more obvious |
| Incident response | Reaction protocol after an adverse event to minimize the consequences | Reduce the negative consequences of security incidents |
Types of Email Security Solutions
The four most common types of email security solutions include:
- Email security gateways
- Encrypted email services
- Email filtering services
- API protection
Email security gateways
Secure email gateways are analytic programs that redirect emails, check them, and then forward them to the correct user or account. Security gateways help to identify threats in the email channel and automatically prevent threats from landing in the inbox. This takes human decision-making out of the equation and transforms the process from a fallible process to a reliable one.
Email security gateways tend to work through DNS MX records, the DNS entries that tell sending servers where to deliver mail for a domain. Pointing these records at the gateway inserts it into the email’s travel path, creating a point of inspection before validated emails are forwarded to the correct user inbox.
It’s like a postal sorting center – packages get scanned for suspicious items, and opened if they require further inspection. Email security gateways are able to complete this digitally to prevent malicious emails from landing in corporate inboxes.
Encrypted email services
Encryption is the act of converting text from something readable into something disguised, so that only someone holding the right key can translate the data back.
There are different types of encryption, but in email channels, the most common are:
- end-to-end: encrypted before sending and only unlocked after being opened by the intended recipient
- zero-access: data is not accessible by the service provider or storage provider, only the intended recipient
Secure encrypted emails work through a process called a cryptographic scramble. It means that if malicious perpetrators access an email, it would appear as an unrecognizable code or language unless they had the correct key. This is a great ‘last line of defense’ in case fraudsters can successfully bypass other security features.
Email filtering solutions
Email filtering is the act of sorting emails into categories based on pre-determined rules. Most of us would already recognize this in our inboxes, with labels like inbox, sent, spam, and trash.
However, email filtering can be a very effective security tool against scammers because it automatically analyzes harmful or deceitful content and filters it straight into the spam folder. The technical elements that inform this decision include:
- IP factors such as location
- Domain reputation
- Email headline analysis
- Semantic filtering
- Literal matching
Email filtering works on a rules-based filter to ensure that the right email makes it through the screens and into the inbox.
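As an added illustration (not code from this guide or from any provider named in it), the Python sketch below applies three of the elements listed above, domain reputation, header analysis and literal matching, to raw messages and routes each to the inbox or spam folder. The blocklist, phrases, scores, threshold and sample messages are all constructed, and it assumes the `Authentication-Results` header was added by your own receiving server.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed reputation and phrase lists; production filters use live feeds.
BAD_DOMAINS = {"micros0ft-login.example"}
PHRASES = ("verify your account", "password expires", "urgent invoice")

def domain_of(header_value):  # domain part of an address header, '' if absent
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def classify(raw_message, threshold=3):
    """Apply the rules to a raw RFC 5322 message; return (folder, reasons)."""
    msg = message_from_string(raw_message)
    hits = []  # (points, reason) for every rule that fired
    from_dom, reply_dom = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    auth = (msg["Authentication-Results"] or "").lower()
    if from_dom in BAD_DOMAINS:  # domain reputation
        hits.append((3, "sender domain on blocklist"))
    for check in ("spf", "dkim", "dmarc"):  # header analysis (our MX's verdicts)
        if f"{check}=fail" in auth:
            hits.append((2, f"{check} failed"))
    if reply_dom and reply_dom != from_dom:
        hits.append((1, "Reply-To domain differs from From"))
    parts = [p.get_payload() for p in msg.walk() if not p.is_multipart()]
    text = " ".join([msg["Subject"] or "", *parts]).lower()
    for phrase in PHRASES:  # literal matching
        if phrase in text:
            hits.append((1, f"phrase: {phrase}"))
    score = sum(points for points, _ in hits)
    return ("spam" if score >= threshold else "inbox", [why for _, why in hits])

# Constructed sample messages (not real traffic).
PHISH = """\
From: "Microsoft Support" <security@micros0ft-login.example>
Reply-To: helpdesk@mailbox.example
Subject: Password expires today
Authentication-Results: mx.insurer.example; spf=fail; dkim=none; dmarc=fail

Please verify your account to avoid interruption.
"""
CLEAN = """\
From: Alice <alice@partner.example>
Subject: Meeting notes
Authentication-Results: mx.insurer.example; spf=pass; dkim=pass; dmarc=pass

Notes from today's call are attached.
"""
if __name__ == "__main__":
    print(classify(PHISH), classify(CLEAN), sep="\n")
```

Returning the reasons alongside the verdict lets an analyst see why a message was filtered.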
API protection
API integrations are commonplace in virtually every business these days, especially tech-savvy companies that value efficiency. But they can have another key benefit when used in the email system, by validating the emails that enter your inbox.
Email APIs have the ability to open, edit, and sort emails without the hassle of rerouting, which makes this technology an alternative to security gateways. They act like traffic cops pulling over cars that are already on the road, and directing each car based on the driver and contents.
Top Email Security Services and Tools
There is a huge range of email security services and tools out there today, each deploying its own technology and focusing on its own niche.
Gartner is an important source for comparing these providers because the Gartner Magic Quadrant for email security categorizes email security companies based on leaders, challengers, niche players, and visionaries.
Proofpoint: best for end-to-end email security
Proofpoint Threat Protection is listed as a leader in the email security category, and provides a robust, well-rounded machine learning algorithm to detect and block the likes of malware and phishing emails.
It’s known for its seamless integrations, allowing the user to easily navigate the platform without being technically-minded. Users can configure their own email rules for added customization around what actually lands in their inbox.
Reviewers love Proofpoint’s “access restriction policies; we are able to provide restricted access to many users” but say that they “wish [they] could get more insights into why certain emails were flagged”.
Microsoft: best for wider security integration
Microsoft Defender is in the challenger category and offers a lot in terms of visibility of threats, which can be helpful for IT teams or cyber-experienced employees.
The software is known for being very intuitive – after all, most of its users are already familiar with the Microsoft system that it’s based on. This also makes Microsoft Defender a strong email security tool for tying it in with wider security, without added points of vulnerability for fraudsters to exploit.
With multiple connectors built for the suite of Microsoft products, Global Relay enables you to connect the data to your compliant archive to preserve business communications and meet regulatory recordkeeping obligations.
Reviewers love Microsoft’s “phishing detection – the phishing protection is solid, helping to catch malicious emails before users open it” but say that “sometimes alerts lack detailed context”.
Cisco: best for email-only protection
Cisco Secure Email is in the niche player group, providing Internet Protocol (IP)-based solutions for a very granular security service. Its content filtering works to accurately determine whether emails are harmful or not, and can help companies improve their compliance and risk management.
This platform is known for its strong cloud email security technology and multi-layered approach, with a fast operating system. What’s more, Global Relay integrates with Cisco’s Jabber and Voice Recorder to effectively connect the data from this channel to a compliant archive.
Reviewers love Cisco’s ability to “scan the attachment before downloading and provide the detailed reports and analytics on email threats” but note that “it’s very granular to email security”, which means that it might not translate to other areas of cybersecurity.
Ironscales: best for innovation
The Gartner email security quadrant features Ironscales as a stand-out in the visionary category, and it’s a great option for businesses that want to minimize risk exposure with the most innovative technology. It also uses integrated security awareness training, and self-learning capabilities that adapt to an organization’s unique email environment.
It’s powered by AI combined with intentional human oversight, with an easy-to-use incident dashboard for thoughtful, visual representation.
Reviewers love Ironscales’ “forward-thinking vision on email protection, and their attentiveness to our specific needs”, but note that their “main challenge has been dealing with false positives, specifically clustering legitimate emails to incidents for customer-facing mailboxes”.
| Provider | Category | Features | Considerations |
| --- | --- | --- | --- |
| Proofpoint | Leader | Machine-learning algorithm, seamless integrations, custom configuration | Get outputs without knowing all of the details |
| Microsoft | Challenger | Familiar system, secure beyond emails, for fewer vulnerabilities | Flags and alerts can lack context, meaning they are less helpful |
| Cisco | Niche player | Internet Protocol (IP)-based solutions, very focused on email security only (and doing it well), multi-layered security | Granularity means that benefits don’t carry over outside of email, unlike competitors |
| Ironscales | Visionary | AI-powered, very visual, and easy to understand, extra awareness training above core security technology | A risk of false positives, which can impact operational efficiency |
Securing the email channel to protect your business (and its reputation)
Email security involves malware protection, phishing prevention, spam filtering, authentication, and incident response. Threats are constant and constantly evolving, and email security providers must use a combination of security gateways, API protection, filtering, and encryption to robustly protect enterprise businesses.
If you haven’t yet assessed your email security systems, it’s time to take stock. Consider how easy it is for you to set the filtering rules, for your people to understand their account security, and how protected your business is against cyber threats.
Global Relay is a fully integrated solution for every step of your compliant communications journey. With Connectors to capture communications across email on platforms like Microsoft and Cisco, for example, you can effectively archive communications to mitigate risk and stay ahead of evolving regulations.