According to Verizon’s 2018 Data Breach Investigations Report, 92.4% of malware is delivered via email. Add research from Accenture, which shows that the average cost of a malware attack to a company is $2.4 million, while the average cost in lost time is 50 days, and you can begin to understand why email security is such an important service for you to offer your customers.
Doesn’t All Antivirus Provide Email Security?
There are two primary methods of stopping malware being delivered via email. The first is at the endpoint with some form of antivirus/antimalware/endpoint security solution. While these solutions can prevent malicious code from being executed (by scanning email attachments and monitoring embedded hyperlinks), an important consideration is that something bad already made it onto the network to the endpoint. The second form of protection is an email security solution that monitors all incoming (and even outgoing) email for malicious payloads and links, taking a quarantine action before anything bad ever reaches the endpoint.
Previously, XaaS Journal compared a few different endpoint security products. In this comparison, we’ll be looking at email security solutions from Avast, Barracuda, Bitdefender, and VIPRE, which address email security prior to the endpoint.
Core Functionality, Pricing
We asked each vendor to explain how their software functions, what platforms are supported, and how pricing is structured.
Avast Email Security is a cloud-based solution that works with hosted exchange or on-premises, as well as IMAP/POP3 email. All incoming mail is directed through Avast’s cloud security network and data centers where the company scans email for spam, virus, phishing, and other attacks. Suspicious email is held in quarantine in Avast’s network where it is analyzed. Users receive a report including the recently blocked emails and can view the quarantined email messages in real time. Clean email is automatically forwarded to the server for delivery.
Avast offers a pay-as-you-go model so that MSPs can adopt the email security service with no long-term contracts or commitments. The service can be turned on or off as needed. Additionally, there is no minimum commitment. The options within the Email Security act as “a la carte” services of Antispam, Archiving, and Email Encryption so businesses can mix and match as needed.
Bitdefender Security for Exchange is, as the name suggests, for Microsoft Exchange Server protection. Email traffic is scanned in real-time as it passes through Microsoft Exchange servers, by using transport agents, before it reaches the intended recipients’ mailbox. Pricing is based on the number of protected Microsoft Exchange mailboxes. There is no minimum commitment.
Barracuda Essentials – MSP is a cloud-based solution that can protect Office 365, G Suite, and Exchange. Like the others, email passes through a security gateway before reaching the endpoint. There is a fixed monthly price per user (not disclosed) and a minimum commitment of approximately $100 per month.
VIPRE Email Security Cloud is a cloud-based solution that can protect Microsoft Outlook, Lotus Notes, Office 365, and Google Apps. Email is scanned prior to the endpoint, twice. Once at the beginning of the email journey and again after additional machine learning and image analysis. Pricing is per mailbox (not disclosed) and there is a one-year commitment.
Verizon reports that users in the U.S open 30 percent of all phishing emails, with 12% of those targeted by these emails clicking on the infected links or attachments. If you’re surprised by these numbers, and want to hear a very fun story that debunks the myth that only dumb users fall for phishing attacks, check out this podcast.
Okay, so clearly it’s important that your email security strategy considers this attack vector.
According to Bitdefender, Antiphishing protection is included in Security for Exchange’s Antispam filtering module, relying on local signatures, URL blacklist database, and cloud intelligence and machine learning algorithms. Additional protection is provided by an Antispoofing feature, which can be used to prevent attackers from spoofing customer’s email domains.
Barracuda Essentials – MSP combats phishing attempts by combining anti-fraud intelligence, behavioral and heuristic detection, protection against sender spoofing (i.e., spammers spoofing valid email addresses), along with domain name validation to detect and block phishing attempts.
When asked about its phishing protection, Avast reported that the functionality exists and suspicious email is held in quarantine.
VIPRE reports that new phishing features will be released in May 2019. According to the company, the features will include automatic bad URL detection and defending against links becoming weaponized after they pass through spam and virus filters. It will also provide click-time protection of links embedded in emails. Original URLs embedded in email are replaced with a temporary one that, when the user clicks on it, is revalidated to ensure that the target site is not malicious. This click-time re-validation helps to ensure that users don’t intentionally or accidentally attempt to visit sites that could steal their data, corrupt their machines, or invade their privacy.
When it comes to malicious links specifically, Bitdefender says with its software, email containing malicious URLs are filtered out by its Antispam module.
Barracuda Essentials also includes Link Protection. A common method attackers use to deliver malware relies on URLs that contain malicious code, which can be invisibly downloaded and can trigger a much larger attack. Link Protection automatically rewrites these URLs so that the Barracuda Essentials for Email Security can sandbox the malicious request and block the link.
Avast shared that malicious links are analyzed and quarantined.
As reported above, VIPRE’s upcoming phishing features will provide click-time protection that will validate links and protect users.
Bitdefender reports that all email traffic is scanned for malware (including PUA [potentially unwanted applications]) using the Bitdefender scan engines. Various configurable actions can be taken not only on detected threats but also for unscannable files (e.g., password protected). In addition to email traffic scanning, admins can also run on-demand antimalware scans of the Microsoft Exchange databases.
Barracuda Essentials – MSP leverages the cloud for dynamic, real-time threat analysis, attachment sandboxing, and URL protection to prevent malware from affecting email users.
VIPRE Email Security addresses malware prior to the endpoint with scanning technology, behavioral analysis, and URL rewriting. Malware protection is picked up again at the endpoint after the email pipeline of security is complete. Coming in May, VIPRE will offer attachment threat protection to safeguard email attachments from malicious and zero-day threats.
Avast again reported that malware protection exists and suspicious email is held in quarantine.
We all know how spam can threaten productivity by cluttering inboxes. With Bitdefender, incoming email is automatically filtered for spam using multi-layered spam detection filters, local signatures, URL database filter, heuristic filter, RBL lists, and Bitdefender Global Protective Network cloud intelligence. Antispam protection can also be configured for outbound email traffic (more on that in the next section). Trusted email addresses or domains can be whitelisted. The solution integrates with Microsoft Exchange SCL.
Barracuda Networks has a long-standing heritage in spam protection. A comprehensive set of security layers ensures that organizations remain productive in the face of evolving threats. Barracuda Essentials for Email Security leverages Barracuda Central to identify email from known spammers and determine whether domains embedded in email lead to known spam or malware domains. It leverages many of the same techniques found in the Barracuda Spam Firewall that protect against attempts to embed text inside images with the intent of hiding content from traditional spam filters.
VIPRE Emal Security uses an antispam engine that identifies and quaratines spam at a 99.9% efficiency rate according to the company.
Encryption, Outbound Email Protection
Today, it’s not only important to protect your customers from inbound threats, but to prevent outbound threats that can risk their domain being placed on a block list.
Avast Business Encrypted Email is a cloud-based, email security service that provides automatic encryption for all outbound emails sent through its customer’s network. Through its inbox-to-inbox communication, sender-recipient authentication is not required, and users do not need to build and maintain their own encryption keys. Customers can set policy rules that identify sensitive content and automatically encrypt emails to meet defined criteria.
Bitdefender does not offer any email encryption. However, Antimalware filtering is available out-of-the-box for outbound email traffic from the Microsoft Exchange Server. However, antispam, content and attachment filtering can also be configured for outbound email traffic.
Barracuda Essentials – MSP secures mail by encrypting it during transport to the Barracuda Message Center, encrypting it at rest for storage in the cloud, and providing secure retrieval by recipients through HTTPS web access. Data in motion is secured via Transport Layer Security (TLS), and data at rest is secured via AES 256-bit encryption.
Sensitive email can be marked manually for encryption. However, it’s also possible to create a policy to automatically encrypt emails based on their sender, content, and other criteria. Encryption policies ensure that organizations comply with regulations designed to protect customer data, such as HIPAA. Finally, using a subset of its defense layers, Barracuda Essentials for Email Security’s outbound filtering stops outbound spam and viruses.
As part of VIPRE’s upcoming May update, the company reports that its email security solution will leverage encrypted point-to-point data transmission and a secure user portal to ensure that only the right users get the right message every time.
In some cases, it’s ideal to further protect your customers’ email by including archival services. While Office 365 does contain some archiving features, there are limitations. Knowing this, some vendors offer archiving features.
Avast Business Email Archive is a secure cloud-based solution that integrates seamlessly with your customers’ existing email infrastructure. It automatically routes all incoming, outgoing, and internal email through the Avast Business Email Archive gateway, so every message can be safely stored, searched for, and recovered to individual desktops.
Barracuda Essentials provides a cloud-based archive of all email communication. It follows the accepted “best practice” approach for compliance by archiving an original copy of every email into a separate immutable store for long term retention and preservation.
Compliance and eDiscovery capabilities provided within Office 365 may be adequate for some organizations, but the “in-place” approach Microsoft takes for long-term email retention and preservation means these capabilities have inherent limitations. They can be complex and expensive to operate and are unlikely to meet the needs of organizations with more demanding compliance and discovery requirements.
Barracuda’s solution includes a cloud-based, indexed archive separate from Office 365 that allows for granular retention policies, extensive search, auditing, permissions, legal hold and export of emails that may be required in eDiscovery. Litigation holds preserve email from being tampered with until the litigation hold expires or is removed.
VIPRE’s May update will include email archiving with custom management rules that is fully indexed and searchable. Archiving will include unlimited storage of every email message sent to or from an organization, allowing customers to easily track down exactly what was said in business conversations from years ago.
As with all our comparisons, we can’t choose which product is the best choice for you. It’s clear, however, that each of the vendors we covered has put a lot of effort into their solutions. Since criminals are constantly refining their strategies, we know these products will continue to evolve. We plan to update this comparison as new features are released. We also plan to expand the field to the other vendors who were unable to make our initial deadline.