FEATURE: CYBERSECURITY
“Our reliance on email
has grown significantly
[…] securing the email
ecosystem should be a
priority for every CIO.”
As Mohammed Basheer, IT Security Practice Head, ISYX
Technologies, says: “Cybercriminals have become quite
tech-savvy […] They make the email look like it is coming
from a legitimate source and as the content and grammar
of phishing emails have improved, it makes it harder to spot.
In addition, the criminals use social media to identify specific
targets so that they will know the person’s name, job title and
organisation they work for.”
So how do you secure your organisation’s
inbox (and outbox)?
As Saunders explains, “Traditionally email security relied
on the ‘protect’ maxim for trying to prevent attacks […]
essentially waiting for an attack to reach the perimeter and
relying on technology to identify the threat and neutralise it.”
More proactive technologies are now needed to target the
increasingly sophisticated attacks.
That’s not to say that traditional solutions should be replaced
completely. An example of a traditional and invaluable
tool is encryption, which has become an inherent part of
security strategies today and a tool utilised by the majority of
enterprises in one form or another, as Nicolai Solling, CTO at
Help AG says.
However, the evolution of the modern business world and
the effect digital transformation is having on business-
customer interaction means encryption may not now be the
only go-to you need. J2 Software’s MD, John McLoughlin,
believes that to simply encrypt all incoming and outgoing
emails is of limited use in today’s world: “Modern business is
characterised by openness, and this raises severe challenges
for the traditional ‘lock everything down’ approach to
Nick Saunders, Sales Enablement
Manager, Mimecast South Africa
www.intelligentcio.com
security. Building high perimeter walls is no longer an
adequate security option when the success of your business
is dependent on its ability to exchange information.”
In light of this, when it comes to securing email systems
ISYX’s Basheer advises that “Businesses should consider the
triad of people, process and technology,” whilst Mimecast’s
Saunders focuses on the triad of inbound, outbound and
internal mail. Whichever way you approach it, it’s apparent
that a holistic, multi-layered approach is necessary.
Investing in a reputable antivirus solution is another way
of guaranteeing your organisation is protected against
malware threats and next-gen ransomware attacks. Most
antivirus solutions will also provide antispam as a solution,
safeguarding your employees, says Njoroge.
Perhaps often overlooked but just as important as prevention
is the ability to continue business if something goes wrong
and to be able to restore and recover. Mimecast’s Sync &
Recover for Exchange and Office 365 is one example of
the solutions available for restoring corrupted or lost email
data. Sync & Recover offers a layered ransomware strategy
Mohammed Basheer, IT Security
Practice Head, ISYX Technologies
Teddy Njoroge, Country Manager,
ESET East Africa
INTELLIGENTCIO
33