Before email services like Office 365 and Gmail became popular, gateway architecture was the only deployment model for email security. Unfortunately, it is just not possible to protect cloud-based email accounts by monitoring only inbound email. Every Secure Email Gateway product has the same security gaps:
- Deploying a gateway disables the built-in Microsoft and Google security, eliminating defense-in-depth protection,
- Configuration flaws allow an attacker to bypass the gateway altogether,
- An external gateway cannot prevent internal email attacks from reaching the inbox.
- Email gateways are helpless to block a compromised email account.
- No gateway has the internal historical and reputational context to detect the most recent phishing threat, Business Email Compromise impersonation attacks.
These concerns should be first on your list of when looking for your next email security vendor. They are fundamental to your protection.
These represent fundamental questions for email security vendors. If they can't do one or more of these features, they are lacking.
You should ask these 5 Questions to every email security vendor, including Avanan. Here's how we answer.
1. Why do you disable Microsoft and Google’s email security?
Avanan deploys after the Microsoft and Google built-in filters but before the user’s inbox. You get the protection of native whether from Gmail or Microsoft Exchange Online Protection or Advanced Threat Protection.
Avanan offers true defense-in-depth security as an additional layer of protection.
One benefit of deploying behind the native security is that we are able to train our A.I. on real attacks the default layers miss, and analyze the specific methods that the attackers are using to target the native protection. This additional insight is just not available from the outside.
You can even use Avanan with a Secure Email Gateway. We will show you what they miss.
2. Does my configuration allow attackers to bypass the gateway?
Because Avanan doesn’t change the MX record, the mailflow from the sender to Microsoft does not change and there’s no bypass. Avanan deploys inside the suite, it will scan and quarantine all email before it reaches the inbox, no matter the configuration (or misconfiguration) of your environment.
3. Can you block insider email attacks before they reach the inbox?
Avanan deploys inside the Microsoft 365 or Google Suite, providing the same level of protection for inbound, outbound and internal email. Whether from an insider threat or compromised account, Avanan can scan and quarantine an email before it reaches the inbox. It can even retract a rogue email after it reaches the inbox, preventing an attack or stemming a reply-all storm.
4. How would you quarantine a compromised account?
Avanan deploys like an app within the suite, with access to both the event information needed to identify a compromised account and well as take action to block and remediate the users actions.
5. Exactly how are you preventing BEC attacks?
The only way it is possible.
Avanan is the only email security vendor that has the combination of historical organizational context and inbound email controls to protect against sophisticated impersonation attacks.
On the very first day of deployment, Avanan scans up to a year’s worth of emails to build a reputational matrix that is unique to each organization. Nicknames, previous conversations, titles, seniority, group and department, and topics are all automatically incorporated into the machine-learning infrastructure that is used by natural-language systems to identify these social engineering messages.