Phishing is the biggest cyber threat faced by businesses. Phishing emails are malicious email messages that use deception to obtain sensitive information or trick individuals into installing malware. During the pandemic, cybercriminals took advantage of COVID-19 trends and created phishing emails that spoofed trusted entities such as the World Health Organization (WHO) and the Centers for Disease Control and Prevention offering up to date information on the coronavirus. Companies offering personal protective equipment (PPE) were impersonated when there was a shortage of supply, and recently pharmaceutical firms have been spoofed to send offers related to COVID-19 vaccines.
One of the primary aims of these scams is to obtain Microsoft 365 credentials, which give the attackers access to the treasure trove of data that is typically found in email accounts. The compromised emails accounts are used in email impersonation attacks on other individuals in the organization, or in business email compromise (BEC) attacks to trick finance department employees to make fraudulent wire transfers. A single compromised Microsoft 365 account can give attackers the foothold they need for a much more extensive attack on the organization, with phishing emails the initial attack vector used to deliver ransomware.
These phishing emails can be difficult for employees to identify, even when they are provided with security awareness training. Once an email lands in an inbox, there is a high chance to that email being opened and an employee taking the action requested in the email, so it is essential for businesses to have an effective email security solution in place that can identify and block these malicious messages.
Malware Delivery via Email is Increasing
Recent research has shown that phishing emails are now the primary method used to deliver malware and the number of emails distributing malware is increasing. A study recently published by HP in its threat insights report shows 88% of malware is now delivered via email, with the volume of messages distributing malware increasing by 12% from the previous quarter. Many of these emails contain executable files that directly install the malware on devices or run malicious code that launches memory-only malware.
Traditional antivirus software solutions often fail to detect malware variants sent via email. Antivirus software is signature based, so in order for malware to be detected, its signature must have been loaded into the AV software’s virus definition lists. If there is no signature, the malware will not be detected as malicious. The HP study showed almost a third of all phishing emails used to distribute malware involve previously unseen malware variants.
The threat groups conducting these phishing campaigns use obfuscation techniques and packers that allow malware to evade antivirus software. It typically takes an average of 8.8 days for the hashes of malware variants to be added to AV engines.
Blocking new malware variants is difficult, but not impossible. One of the ways that these emails can be detected is through the use of a sandbox. Email security gateways with sandboxes first scan inbound messages and check attachments using AV engines. Email attachments that are suspicious but are not determined to be malicious from the AV scan are then sent to the sandbox for in-depth analysis. Within the secure environment of the sandbox, the files are investigated for any malicious actions such as command and control center callbacks.
No anti-malware controls will detect all malware variants but using a spam filtering solution such as SpamTitan that uses sandboxing technology will greatly improve the malware detection rate and will help to keep your inboxes malware free. SpamTitan also allows rules to be created for departments, job roles, and individuals that will further improve protection against malware attacks. Rules can be set to prohibit certain file types from being delivered to inboxes – the types of files that are commonly used to deliver or mask malware.
For instance, a recent phishing campaign conducted to distribute NanoCore malware used a .zipx (compressed) file to hide the malware from email security solutions and JavaScript (.js) files are similarly used to install malware. By blocking these uncommon file types for individuals who do not need to run those files will also help to reduce risk.
With phishing and malware attacks increasing, businesses need to ensure that their cybersecurity defenses are up to scratch and are capable of detecting and blocking these and other email and web threats. If you are receiving spam and phishing emails in your inboxes, have suffered a malware attack via email, or simply want to improve your defenses against email and web-based threats, give the TitanHQ team a call to find out more about cybersecurity solutions that can greatly improve your security posture at a very competitive price.
The pandemic forced many businesses to accelerate their digital transformation strategies to support an at home workforce and survive the pandemic; however, this new approach to working was not without risk.
Cybercriminals took advantage of companies that failed to address vulnerabilities, with some of the most widely exploited vulnerabilities in 2020 in remote access solutions such as the Pulse Secure VPN. Brute force attacks against Remote Desktop Protocol skyrocketed as more businesses switched to remote working, and while many businesses have opened their offices once again, the brute force attacks are still occurring at levels far above those before the pandemic.
Threat actors also stepped up their attacks on remote workers early on in the pandemic and attacks are continuing as lockdowns persist and employees continue to work from home. Many businesses address these risks through security awareness training and teach employees cybersecurity best practices and how to identify threats such as phishing. A little security awareness can go a long way and can be the difference between a threat being recognized and avoided or a link in a phishing email being clicked without thinking by an employee.
There are many threats that businesses may not be aware of, one of which was highlighted by a recent YouGov survey. Throughout a large part of the pandemic, schools have been closed and children have been home schooled. The survey revealed a quarter of UK workers have allowed their children to use their corporate device as part of home schooling and for other purposes such as socializing and gaming.
An employee may be aware not to engage in risky online activities, but children using work devices for Internet access leaves businesses vulnerable to cyberattacks. The survey, conducted on 2,000 UK employees, also revealed 70% of employees could access social media websites on their corporate devices and despite being one of the most fundamental aspects of security, 74% of employees said they did not use a unique password for all accounts.
During the pandemic when employees are isolated and may ben struggling with home schooling as well as working, it is understandable for employers to take a more relaxed view on the use of work computers for non-work purposes, but risks do need to be managed. Having no visibility into Internet access and failing to implement any controls over the content that can be accessed by remote workers and other household members on work laptops is a serious risk, and one that could easily lead to a malware or ransomware attack.
One of the ways that security can be improved for remote workers is to place certain restrictions on uses of corporate laptops with a web filter. A web filter such as WebTitan gives IT teams visibility into the sites that their employees are accessing, which allows them to identify potential risks and apply controls to reduce those risks to an acceptable level.
WebTitan can be used to prevent downloads of certain file types to reduce the risk of a malware infection and to block access to high-risk websites, such non-sanctioned file sharing services. Categories of website can be blocked at the click of a mouse, such as social media websites, and it is straightforward to block messenger services.
WebTitan is a powerful, yet easy to use security solution that is easy to apply to protect devices issued to employees no matter where they work and can greatly improve security with a remote workforce as well as when employees return to the office.
For further information on improving security for remote workers, including web filtering and email security, give the TitanHQ team a call. You can also sign up for a free trial of WebTitan here and immediately reduce risk.
Network segmentation is the act of dividing a computer network into smaller physical or logical components. Two devices on the same network segment can then talk directly to each other. For communication to happen between segments, the traffic must flow through a router or firewall. This passage allows for traffic to be inspected and security policies to be applied.
Network segmentation is one of the mitigation strategies in terms of protecting against data breaches and multiple types of cyber security threats. In a segmented network, device groups have the connectivity required for legitimate business use only. The ability of ransomware to spread is greatly restricted. However all too often organizations operate an unsegmented network.
Network segmentation can also help to boost performance. With fewer hosts on each subnet, local traffic is minimized. It can also improve monitoring capabilities and helps IT teams identify suspicious behavior.
If you follow network segmentation best practices and set up firewall security zones you can improve security and keep your internal network isolated and protected from web-based attacks.
Looking to get enterprise-grade protection from malware and phishing? Sign up for a free WebTitan demo today. Book Free Demo
Network Segmentation Benefits
There are many benefits to be gained from network segmentation, of which security is one of the most important. Having a totally flat and open network is a major risk. Network segmentation improves security by limiting access to resources to specific groups of individuals within the organization and makes unauthorized access more difficult. In the event of a system compromise, an attacker or unauthorized individual would only have access to resources on the same subnet. If access to certain databases in the data center must be given to a third party, by segmenting the network you can easily limit the resources that can be accessed, it also provides greater security against internal threats.
Network Segmentation Best Practices
Most businesses have a well-defined network structure that includes a secure internal network zone and an external untrusted network zone, often with intermediate security zones. Security zones are groups of servers and systems that have similar security requirements and consists of a Layer3 network subnet to which several hosts connect.
The firewall offers protection by controlling traffic to and from those hosts and security zones, whether at the IP, port, or application level. There are many network segmentation examples, but there is no single configuration that will be suitable for all businesses and all networks, since each business will have its own requirements and functionalities. However, there are network segmentation best practices that should be followed. We have outlined these and firewall DMZ best practices below.
Suggested Firewall Security Zone Segmentation
Suggested Firewall Security Zone Segmentation
In the above illustration we have used firewall security zone segmentation to keep servers separated. In our example we have used a single firewall and two DMZ (demilitarized) zones and an internal zone. A DMZ zone is an isolated Layer3 subnet.
The servers in these DMZ zones may need to be Internet facing in order to function. For example, web servers and email servers need to be Internet facing. Because they face the internet, these servers are the most vulnerable to attack so should be separated from servers that do not need direct Internet access. By keeping these servers in separate zones, you can minimize the damage if one of your Internet facing servers is compromised.
In the diagram above, the allowed direction of traffic is indicated with the red arrows. As you can see, bidirectional traffic is permitted between the internal zone and DMZ2 which includes the application/database servers, but only one-way traffic is permitted between the internal zone and DMZ1, which is used for the proxy, email, and web servers. The proxy, email, and web servers have been placed in a separate DMZ to the application and database servers for maximum protection.
Traffic from the Internet is allowed by the firewall to DMZ1. The firewall should only permit traffic via certain ports (80,443, 25 etc.). All other TCP/UDP ports should be closed. Traffic from the Internet to the servers in DMZ2 is not permitted, at least not directly.
A web server may need to access a database server, and while it may seem a good idea to have both of these virtual servers running on the same machine, from a security perspective this should be avoided. Ideally, both should be separated and placed in different DMZs. The same applies to front end web servers and web application servers which should similarly be placed in different DMZs. Traffic between DMZ1 and DMZ2 will no doubt be necessary, but it should only be permitted on certain ports. DMZ2 can connect to the internal zone for certain special cases such as backups or authentication via active directory.
The internal zone consists of workstations and internal servers, internal databases that do not need to be web facing, active directory servers, and internal applications. We suggest Internet access for users on the internal network to be directed through an HTTP proxy server located in DMZ 1.
Note that the internal zone is isolated from the Internet. Direct traffic from the internet to the internal zone should not be permitted.
The above configuration provides important protection to your internal networks. In the event that a server in DMZ1 is compromised, your internal network will remain protected since traffic between the internal zone and DMZ1 is only permitted in one direction.
Looking to get enterprise-grade protection from malware and phishing? Sign up for a free WebTitan demo today. Book Free Demo
Risks of an Unsegmented Network
A real world example of an unsegmented network and resulting attack is the massive Target data breach of 2013. Reportedly, the Target breach had its origin in a phishing email opened by an employee at a small HVAC company that did business with Target. The malware lurked in the HVAC network for two months before moving on to attack the Target network.
Once inside they were able to move laterally through Target’s internal network, eventually installing malware on point-of-sale (POS) terminals throughout the stores. In the wake of the attack, Target implemented network segmentation to prevent the lateral movement that allows the attackers move with the system in this breach.
It’s no surprise a breach this huge is massively expensive and the cleanup represents an almost overwhelming challenge. Bloomberg BusinessWeek reported that Target spent $61 million through Feb. 1 on the breach.
The damage?
The data of 110 million customers was compromised.
Over 100 lawsuits have been filed.
Banks have already spent $200 million related to the Target breach, and it’s unclear if there’s an even bigger payout on the horizon.
Effective network segmentation also makes it easier to detect signs of an attack. It’s not uncommon for a company’s Intrusion Detection System to generate such a large number of alerts that many go uninvestigated.
By concentrating on alerts related to sensitive parts of the network, security teams can prioritize incidents likely to be the most dangerous. Network segment traffic can also be monitored for unusual patterns or activity potentially indicating an attack.
Effective Network Segmentation is not enough
Many sectors including manufacturing, retail and industrial are prime target for cyberattacks. Often organizations in these sectors are not up to date in terms of implementing key cybersecurity controls in order to be prepared for advanced and evolving attack methods.
By adhering to network segmentation best practices, you can optimize network security. There's no silver bullet to take down every attacker, but it’s possible to implement several layers of security that work together as a whole to defend against a myriad of attacks.
Looking to get enterprise-grade protection from malware and phishing? Sign up for a free WebTitan demo today. Book Free Demo
Layered Security to Prevent Data Breaches
Layered security allows for each security layer to compound with the others to form a fully functioning, complete sphere of security. The internal network (ideally segmented) and its data are surrounded by powerful, interwoven layers that an attacker must defeat. These layers make security much more complex for a successful breach.
Cybercriminals are already exploiting the lack of security at the DNS layer to conduct phishing attacks and gain access to proprietary enterprise data. Not securing the DNS layer is making it far too easy for hackers to take advantage. Securing the DNS layer is a straightforward process that requires no additional computer hardware or even any software installations. Many vendors now offer cloud based DNS filtering solutions that can be set up in minutes.
Isn’t it about time you started securing the DNS layer and making it much harder for cybercriminals to compromise your network? If you’re looking to get enterprise-grade protection from malware and phishing, check out >WebTitan Cloud DNS filtering today.
FAQs
What does network segmentation mean?
Network segmentation is concerned with dividing a network up into smaller segments called subnets. This can improve network performance and is important for security. By using firewalls between each segment, you can carefully control access to applications, devices, and databases and can block lateral movement in the event of a successful cyberattack.
What is logical network segmentation?
Logical network segmentation is a popular way of segmenting a network. Instead of segmenting physical parts of the network such as routers and access points, logical segmentation uses concepts built into network infrastructure for segmentation, such as creating virtual local area networks (VLANS) that may share physical hardware.
Is network segmentation necessary for PCI compliance?
Organizations that store, process, and/or transmit cardholder data must comply with PCI DSS. One of the requirements is to use network segmentation to keep the cardholder data environment (CDE) separate from other parts of the network. Through network segmentation, organizations can isolate credit card data from all other computing processes.
Can network segmentation protect against ransomware attacks?
Network segmentation is a best practice that can help to reduce the damage caused by a malware or ransomware attack. If a computer is compromised, attackers will attempt to more laterally and access other devices and parts of the network. With network segmentation, lateral movement is much harder, so it is easy to contain malware and limit file encryption by ransomware.
What are the main benefits of network segmentation?
There are three main benefits of network segmentation. First is security. It reduces your attack surface and limits lateral movement in the event of a breach. Second, you can improve network performance, as traffic will be confined to the part of the network where it is required. Thirdly, it makes compliance easier by allowing you to separate regulated data from other computer systems.
TitanHQ has announced that three of its cybersecurity solutions have been named winners at the 2021 Expert Insights’ Best-Of” Awards, beating some of the best-known email security, web security, and email archiving products on the market.
For more than 25 years, TitanHQ has been developing innovative cybersecurity solutions to protect businesses from email and web-based threats to their networks and data. TitanHQ’s multi-award-winning products are used by more than 8,500 businesses in over 150 countries, and 2,500 Managed Service Providers (MSPs) offer TitanHQ solutions to their customers to protect them from phishing, malware, ransomware, botnets, viruses, and other cyber threats.
Expert Insights is a respected website that was created in 2018 to help businesses research and select the best cybersecurity solutions to protect their networks and data from cyber threats. Through impartial product reviews, advice from cybersecurity experts, and industry analysis, IT leaders can discover the best cybersecurity solutions to meet their unique needs. The website helps more than 40,000 businesses a month with their research into cybersecurity products and services.
Each year, Expert Insights recognizes the leading cybersecurity service and solution providers and their products at the Expert Insights’ Best-Of” Awards. Technical experts with decades of experience in the cybersecurity industry assess products based on several factors, including ease of use, range of features, the protection provided, and market position, as well as how each product is rated by verified business users. The top products then receive an Expert Insights’ Best-Of” Award.
This year, TitanHQ was recognized by Expert Insights for the powerful threat protection provided by its products, the ease-of-use of the solutions, and their cost-effectiveness, which is why the solutions have proven to be so popular with enterprises, SMBs and MSPs looking for comprehensive protection against email and web-based threats.
“2020 was an unprecedented year of cybersecurity challenges, with a rapid rise in remote working causing a massive acceleration in cybercrime,” said Expert Insights CEO and Founder Craig MacAlpine. “Expert Insights’ Best-Of awards are designed to recognize innovative cybersecurity providers like TitanHQ that have developed powerful solutions to keep businesses safe against increasingly sophisticated cybercrime.”
WebTitan, TitanHQ’s powerful DNS-filtering solution was named a winner in the Web Security category, the SpamTitan anti-phishing and anti-spam solution was named a winner in the Email Security Gateway category, and ArcTitan was named a winner in the Email Archiving category.
“The recent pandemic and the growth of remote working initiatives have further highlighted the need for multiple layers of cybersecurity and our award-winning solutions form key pillars in this security strategy,” said Ronan Kavanagh, CEO, TitanHQ. “We will continue to innovate and provide solutions that MSPs can use to deliver a consistent, secure and reliable experience to their customers.”
Email retention laws in the United States require businesses to keep copies of emails for many years. There are federal laws that apply to all businesses and organizations, data retention laws for specific industries, and a swathe of email retention laws in the United States at the individual state level. Ensuring compliance with all the appropriate email retention laws in the United States is essential. Non-compliance can prove incredibly costly. Multi-million-dollar fines await any organization found to have breached federal, industry, or state regulations.
Email archiving is absolutely necessary as a result of these federal, state and industry email retention laws. Retention periods vary depending on the regulations that govern your industry sector. Email retention laws require all organizations to quickly execute a legal hold on archived email and provide data in the case of litigation.
All electronic documents must be retained by U.S organizations, which extends to email, in case the information is required by the courts. eDiscovery requests often require large volumes of data to be provided for use in lawsuits and the failure to provide the data can land an organization in serious trouble. Failure to present the requested email can result in hefty fines, sanctions and reputational damage.
For decades, U.S organizations have been required to store documents. Document retention laws are included in numerous legislative acts such as the Civil Rights Act of 1964, the Executive Order 11246 of 1965, the Freedom of Information Act of 1967, the Occupational Safety and Health Act of 1970, and the Reform and Control Act of 1986 to name but a few; however, just over a decade ago, data retention laws in the United States were updated to expand the definition of documents to include electronic communications such as emails and email attachments.
To improve awareness of the many different email retention laws in the United States, a summary of the minimum email retention periods have been included below as a guide. Please bear in mind that this is for information purposes only and does not constitute legal advice. Industry and federal electronic data and email retention laws in the United States are also subject to change. Up to date information should be obtained from your legal team.
What are the Different Email Retention Laws in the United States?
As you can see from the list below, there are several federal and industry-specific laws applying to email retention in the United States. These email retention regulations apply to emails received and sent, and include internal as well as external emails and email attachments.
Email retention law
Who it applies to
How long emails must be stored
IRS Regulations
All companies
7 Years
Freedom of Information Act (FOIA)
Federal, state, and local agencies
3 Years
Sarbanes Oxley Act (SOX)
All public companies
7 Years
Department of Defense (DOD) Regulations
DOD contractors
3 Years
Federal Communications Commission (FCC) Regulations
Telecommunications companies
2 Years
Federal Deposit Insurance Corporation (FDIC) Regulations
Banks
5 Years
Food and Drug Administration (FDA) Regulations
Pharmaceutical firms, food manufacturers, food storage and distribution firms, manufacturers of biological products
Minimum of 5 years rising to 35 years
Gramm-Leach-Bliley Act
Banks and Financial Institutions
7 Years
Health Insurance Portability and Accountability Act (HIPAA)
Healthcare organizations (Healthcare providers, health insurers, healthcare clearinghouses and business associates of covered entities)
6 Years
Payment Card Industry Data Security Standard (PCI DSS)
Credit card companies and credit card processing organizations
1 Year
Securities and Exchange Commission (SEC) Regulations
Email retention laws in the United States that are applied by each of the 50 states are beyond the scope of this article. There area also European laws, such as the GDPR email requirements, that must be considered if you do business with EU residents.
Reduce storage space, eliminate mailbox quotas and improve email server performance.
What is the Best Way to Store Old Emails?
Storing emails for a few years is not likely to require masses of storage for a small business with a couple of members of staff. However, the more employees an organization has, the greater the need for extensive resources just to store emails. The average size of a business email may only be 10KB, but multiply that by 123 – the average number of emails sent and received each day by an average business user in 2016 (Radicati email statistics report 2015-2019), and by 365 days in each year, and by the number of years that those emails need to be stored, and the storage requirements become considerable.
If any emails ever need to be accessed, it is essential that any email archive or backup can be searched. In the case of standard backups, that is likely to be an incredibly time consuming process. Backups are not designed to be searched. Finding the right backup alone can be almost impossible, let along finding all emails sent to, or received from, a specific company or individual. Backups have their uses, but they are not suitable for businesses for email retention purposes.
For that, an email archive is required. Email archives contain structured email data that can easily be searched. If ever an eDiscovery order is received, finding all email correspondence is a quick and easy task. Since many email archives are cloud based, messages are deduplicated, and files are compressed, they also do not require huge storage resources. Emails are stored in the cloud, with the space provided by the service provider.
Increasing Dependence on Email
Number of emails sent and received daily in 2020: 306.4 billion (Radicati)
Amount of business-critical data residing in emails: 60 percent (IDC)
With the rise of remote working, the reliance on business email has grown. More than ever users are treating their inbox as an archive to find documents or information. Email is a centralized store of sensitive data. Consequently, companies use email as a form of information retention, referring back to old emails to find vital information.
ArcTitan: TitanHQ’s Cost Effective and Convenient Email Archiving Solution
ArcTitan incorporates a range of security protections to ensure stored data is kept 100% secure and confidential, with email data encrypted in transit and at rest in Replicated Persistent Storage, with the archive automatically backed up for you.
In contrast to many email archiving solutions, ArcTitan is fast. The solution can process 200 emails per second from your email server and archived emails can be retrieved instantly via a browser or Outlook (using a plugin) or other mail clients. Emails can be archived from any location, whether in the office or on the go via a laptop or tablet. Multiple searches of the archive can be performed simultaneously with up to 30 million emails searched per second. There are no limits on storage space or the number of users and the solution can be scaled up to meet the needs of businesses of all sizes.
Ensuring email archive searchs are performed without hurting network performance and keeping data integrity intact are priorities for most businesses. ArcTitan makes eDiscovery easy for attorneys while simultaneously protecting data.
Data Compliance Considerations When Archiving Email with Remote Working
Last year saw a huge increase in remote working, the pandemic has significantly changed the technology and business landscape. As workers worldwide connects remotely, organizations must ensure that data compliance, security, and privacy is ensured. Cloud-based email archiving offers a cost-effective and efficient way to manage email data across a remote workforce.
A key benefit of cloud-based email archiving is the centralization of disparate email servers. With the ongoing move to remote working, this is even more important. Cloud-based email archiving offers a way to consolidate and manage the data held in business emails, while ensuring compliance across disparate working environments.
Main Features of ArcTitan
Scalable, email archiving that grows with your business
Email data stored securely in the cloud on Replicated Persistent Storage on AWS S3
Lightning fast searches – Search 30 million emails a second
Rapid archiving at up to 200 emails a second
Automatic backups of the archive
Email archiving with no impact on network performance
Ensure an exact, tamper-proof copy of all emails is retained
Easy data retrieval for eDiscovery
Protection for email from cyberattacks
Eliminate PSTs and other security risks
Facilitates policy-based access rights and role-based access
Only pay for active users
Slashes the time and cost of eDiscovery other formal searches
Migration tools to ensure the integrity of data during transfer
Seamless integration with Outlook
Supports single sign-on
Save and combine searches
Perform multiple searches simultaneously
Limits IT department involvement in finding lost email – users can access their own archived email
Compliant with regulations such as HIPAA, SOX, GDPR, Federal Rules of Civil Procedure, etc.
ArcTitan email archiving reduces storage space, eliminates mailbox quotas, and improve email server performance. Email archives allows users to clear their inboxes without deleting emails and creates a tamper-proof, repository for emails to meet compliance requirements and discovery requests.
Email Retention Laws in the United States FAQ
Is it difficult to change email archiving providers?
With ArcTitan you can important data in a wide range of formats, including from your legacy email archiving environment. Some email archiving providers use proprietary data formats which can make changing provider difficult. ArcTitan uses no proprietary formats. You can export data in all common formats should you ever wish to move your archive.
How does the GDPR affect email archiving?
The GDPR permits email data to be retained if the data is processed for archiving purposes. E.U. citizens can submit requests to access their data or have their data deleted, which is why an email archive is important for compliance. It allows personal data to be quickly found if requests are received.
How long do I need to archive emails?
This is between 1 to 7 years, although some email data may need to be kept indefinitely. The Payment Card Industry Data Security Standard (PCI DSS) requires email data to be kept for 1 year, whereas HIPAA, SOX, and the Gramm-Leach-Bliley Act require certain types of email data to be retained for 7 years.
Will any email archiving solution ensure compliance?
No - to be compliant, an email archiving solution must archive emails in an unchanged form, store emails in a tamper proof repository, encrypt emails in transit, encrypt email data at rest, and allow emails to be restored in their original form.
Do I need to continue paying for inactive mailboxes?
Some email archiving providers require you to continue paying for mailboxes and storage even if an employee leaves the company. With ArcTitan, you only pay for active users, even if you still need to store archived email data associated with inactive mailboxes.
What is the difference between a email archive and a backup?
An email archive is an archive used for long term email storage and an email backup is used for short to medium-term storage for disaster recovery. Backups aren't easily searchable wheras email archives can be searched, and individual emails can be quickly found and restored.
Can I search inside archived email attachments?
With ArcTitan you can search emails across the entire organization, within departments/user groups, or individual mailboxes. You can also search inside all common email attachment types, including Microsoft Word, Excel and PowerPoint files, OpenOffice documents, as well as PDFs, RTFs, ZIP files, and many more.
How can I migrate my email archive to ArcTitan?
Migration of an existing archive to ArcTitan is a straightforward process and assistance will be provided. You can use a cutover migration – a straight transfer from an existing provider, perform a staged migration if you have a very large archive to minimize disruption, or a hybrid migration of you want to have a physical and virtual server.
Phishing remains the number one cyber threat to businesses and there are no signs that cybercriminals will be abandoning phishing any time soon. Phishing is defined as the use of deception to fraudulently obtain sensitive information, which often involves impersonating trusted individuals and using social engineering techniques to trick people into disclosing their login credentials.
It is not necessary to be a hacker to conduct phishing campaigns. All that is needed is a modicum of technical expertise and the ability to send emails. The actual phishing kits that are loaded onto websites to harvest credentials do not need to be created from scratch, as they can simply be purchased on hacking forums and dark net websites. A potential phisher only needs to pay for the kit, which typically costs between $20 and $1,000, then host it on a website, and send emails, SMS messages, or instant messages to direct users to the website.
The ease of obtaining a phishing kit makes this this method of attacking businesses simple. All that is needed is a plausible lure, and many people will disclose their credentials. Figures released by security awareness training companies show just how frequently employees fall for these scams. Around 30% of phishing emails are opened by recipients, and 12% of those individuals either open attachments or click hyperlinks in emails.
One 2020 study, conducted on 191 employees of an Italian company, showed no significant difference between employees’ demographics and susceptibility to phishing. Anyone can fall for a phishing scam. Interestingly, that study, published by the Association for Computing Machinery, also found that while the employees believed their security awareness training had been effective, it did not appear to have any effect on their susceptibility to phishing attacks.
Phishing is popular with cybercriminals, it is one of the easiest scams to perform, and it is often successful and profitable. Security awareness training will help to prepare employees and, if performed properly, regularly, and with subsequent phishing simulations to reinforce the training, can help to reduce susceptibility, but what is most important is to ensure that phishing emails do not land in inboxes where they can be opened by employees.
To block the phishing emails at source you need an advanced email security solution. Many email security solutions are heavily reliant on blacklists of IP addresses and domains that have previously been used for phishing and other malicious activities. Along with SPF, DKIM, and DMARC to identify email impersonation attacks, it is possible to identify and block around 99% of phishing emails.
However, to block the remaining 1% without also miscategorizing genuine emails as potentially malicious requires more advanced techniques. SpamTitan achieves independently verified catch rate of 99.97%, which is due to standard anti-phishing measures coupled with greylisting and machine learning techniques.
Greylisting is the process of initially rejecting a message and requesting it be resent. Since phishers’ mail servers are usually too busy on spam runs, the delay in the message being resent is a red flag. Along with other indicators, this helps SpamTitan catch more spam and phishing emails. Machine learning techniques are used to identify the typical emails that a company receives, which allows deviations from the norm to be identified which raises a further red flag.
In addition to a high detection rate and low false positive rate, SpamTitan is easy to implement and use, and regularly receives top marks in user reviews. SpamTitan has achieved 5 out of 5 on Expert Insights, is the most reviewed and best reviewed email security solution on G2, and is also a top-rated solution on Capterra, GetApp, and Software Advice.
SpamTitan works seamlessly with Office 365 and greatly improves phishing email detection, is priced to make it affordable for small- and medium-sized businesses, and has a much-loved managed service provider offering, allowing MSPs to incorporate highly effective spam and phishing protection into their service stacks.
If you want to improve your defenses against phishing attacks, why not give SpamTitan a try. You can trial the solution for two weeks free of charge, during which time you will be able to try the full product and will have access to full product support, should you need it.
Give the TitanHQ team a call today to find out more!
TitanHQ has announced that three of its cybersecurity solutions have been named winners at the 2021 Expert Insights’ Best-Of” Awards, beating some of the best-known email security, web security, and email archiving products on the market.