An IT admin at a distribution company had a problem.
While using GreatHorn, an API-based solution, the email problem became unbearable.
It was two-fold. One, like all other API solutions, GreatHorn can only remediate malicious emails into the inbox. Two, the end-users at this company did a great job of reporting malicious emails to the IT team. The problem? Because there were so many malicious emails, this IT admin spent 15 hours a week just remediating emails. According to our State of Email Security report, admins with other API-based solutions spend the most amount of time on prevention duties and get, by far, the most end-user reports per week.
That velocity is troubling. In a post-delivery system, when the alert is sent to the SOC it does not tell the Security Professionals that everything is fine and the attack was evaded. On the contrary, it tells them that their end-user was exposed to an attack and they need to investigate whether the end-user fell victim to that attack. That's time that can't be bought back.
Despite the great growth of API solutions in the last few years, it's important to remember: they are not all created equal.
Only Avanan can block malicious emails before they reach the inbox. All other solutions can only retract it after it hits the inbox. (We refer to this difference as, "We Prevent. They Respond.") Sometimes this can be fairly instantaneously. But other times, it can take as much as five minutes.
In fact, our research has found that it takes other API solutions three minutes and three seconds, on average, to remediate and remove a malicious email from the inbox. End-users, however, will take, on average, 82 seconds to click on a phishing link. It's a race condition, and the loser is the company that gets exposed to a phishing attack.
It's not just phishing.
Many attacks detonate post-delivery, meaning they easily get by email scanners and are only dangerous after the user clicks on the link. URL rewriting, along with time-of-click analysis, allows the security solution to analyze links and block them, as necessary. Preventing such attacks means analyzing links both when the email is delivered and at click-time.
However, not all API-based solutions offer URL scanning. Or, if they do, it's limited in nature.
Beyond that, it's critical to prevent malware and ransomware. We know that the majority of ransomware and malware starts with phishing. In fact, according to Check Point, more than 70% of malicious email attachments or links were sent via PDF or through Microsoft Office.
That's where Content Disarm & Reconstruction (CDR) comes in. CDR works by removing any executable content, making the file safe for the recipient. It protects the end-user from zero-day threats and does so instantly.
According to Gartner, CDR is one of the essential items of any email security solution.
Unfortunately, not all API-based solutions have this feature.
Finally, DLP is an essential part of any security solution.
According to a report from IBM, the average total cost of a data breach has increased by nearly 10%, rising from $3.86 million in 2020 to $4.24 million in 2021.
Many API-based solutions do not have data loss protection. That means that organizations either have to without it or purchase a separate solution.
Avanan's all-in-one solution provides DLP scanning on emails, attachments, files, and other collaboration apps like Teams.
Only Avanan offers all the capabilities for a full security solution. As Omdia wrote,
“Avanan [can] claim the status of a fully-fledged email security platform (i.e. one that can replace a SEG and a non-SEG as the sole provider of inbox security for Office 365 or Gmail). This differs from all the non-SEGs who readily acknowledge that they complement either the incumbent SEG or Microsoft’s Exchange Online Protection (EOP) service to provide protection against the more modern email attack methodologies; a situation that earns them the slightly derogatory designation of “helper apps” from vendors in the SEG community.”
Oh, and the IT admin who switched from GreatHorn to Avanan? Instead of spending 15 hours a week remediating emails, sh enow spends just 15 minutes.
Read the entire case study below: