Phishing: DMARC to the Rescue

Posted on May 10, 2013 by Gregory Shapiro

Here is something you need to know.

DMARC, or Domain-based Message Authentication, Reporting & Conformance, is a new standard for email authentication. You will appreciate it for two reasons: it will protect your email and it will protect your brand.

DMARC does this by not only preventing phishing attacks from entering your organization but also defending other organizations against spoofed emails that appear to come from your company. Already 60% of the world’s mail boxes—nearly 2 billion accounts—is protected by DMARC.

According to the latest Phishing Activities Trends Report from the Anti-Phishing Work Group, there were 28,195 phishing attack campaigns in December of 2012 alone. That’s because, as unfathomable as it may seem to many of us, phishing attacks work. Even savvy users are sometimes caught off guard and tricked into giving up account, password, financial and other personal data.

Emails are also easy to spoof. Sometimes all it takes is inserting your company logo in an email to dupe recipients into thinking they’re dealing with your business. Not only does this reflect badly on your brand, it can disrupt legitimate communications due to customers who are now wary of any email that comes from you. But with DMARC, senders and receivers work together to protect both users and brands from harm.

How does DMARC work?

DMARC allows senders to indicate their emails are protected by SPF and/or DKIM, and tells a receiver what to do if neither of those authentication methods passes—such as “junk” or “reject the message”. DMARC removes the guesswork from the receiver’s handling of these failed messages, limiting or eliminating the user’s exposure to fraudulent messages. DMARC also allows email senders to request reports for messages that pass and/or fail DMARC evaluation.

For example, if user@yahoo.com gets a phishing message purporting to be

a bank account notification from account_alerts@toobigtofail.com, Yahoo! checks the bank’s DMARC policy to see whether the message should have been DKIM signed and, if so, verifies the signature, and/or checks SPF to make sure the sending system is listed in the bank’s SPF record. If any one of these checks fail, Yahoo! will obey the requests of the sender’s DMARC record which can request a failure report as well as specify the action to take (e.g., reject, quarantine, etc.).

This will require some rethinking in terms of how messages are sent by third parties such as Marketo and Salesforce, but with Sentrion, customers can “glue” together application email generated on-premises and in the cloud. This allows your messaging team to take over all email being sent by the organization to better control your brand.

Sentrion customers already get DMARC support for outbound email, which provides for specific policy handling from recipients for email that is not properly authenticated as long as DKIM and SPF are deployed. In the future, Sentrion will also support DMARC for inbound email, which will allow customers to apply policies requested by third parties to email entering their backbones that cannot be properly validated.

What do you think about DMARC? Have you already begun leveraging it in your organizations? Please weigh in below.

DMARC State of the Union: Thursday, May 30, 2013 10:00 AM – 10:45 AM PDT

Register here.

Posted in Gregory Shapiro | Tagged , , , | 1 Comment

Cloud-Email and the Risk of Data Exposure

Posted on April 18, 2013 by Barry Shurtz

Of the concerns people have about cloud security today, data control and data loss rank high—just second behind BYOD according to Infonetic’s April 2013 report. No wonder the market for cloud-based security services is growing at 69%.

Data control and loss is top of mind at Sendmail, too, where we recently announced new products and services to help large organizations securely move and keep email safe in the cloud.

Despite the popularity of texting and social networking, email remains the preferred method of communication in the enterprise, transporting not only the data within the messages themselves but via the attachments they carry with them.

Not only is this a ton of data, most of it is considered sensitive.

So what happens when all this email data is moved to the cloud? What are cloud providers and security vendors doing to secure it? Should businesses be concerned?

Most definitely yes.

Instead, many businesses are rushing to email-in-the-cloud without taking a fresh look at how to keep sensitive data from getting into the wrong hands—whether its unlawfully transferred, stolen, or simply accidentally sent where it shouldn’t have been. This is a mistake, because the migration of email to the cloud requires proper planning and new methods of management.

If your organization is thinking about making the move to cloud-based email, here are some things to consider:

  • Keep high-value email user accounts on-premises, maintaining strict management and encryption of their message flow, while allowing rank-and-file users onto the cloud where most providers don’t have the robust policy engines or TLS, S/MIME and other message encryption required to ensure the strictest level of data security.
  • Even the basic policy enforcement and spam filtering offered by cloud providers may require access to your Active Directory and other LDAP sources, which creates security and privacy concerns.

  • Identify which applications can’t be run in the cloud as they require access to data that isn’t exposed to the Internet.
  • Unless you go private, the cloud is a publicly shared resource using shared resources and comingled databases and logs, which means forensics, log data, auditing, messaging tracking and other features you get on-premises either aren’t available in the cloud at all or can take days to request it from the cloud service providers.
  • A company may feel comfortable with and trust their cloud provider after doing their due diligence, but cloud service providers often have a multitude of partners (data center partners, storage and back-up for example, who they themselves have partnerships with). Businesses need to have a complete view of the entities that their data may be exposed so they can make informed decisions and reduce their risk exposure when moving email to the cloud.

Sendmail, and our cloud partners, provide enterprises all the necessary tools, services and expertise to help them reap the benefits of the cloud while minimizing the security risks of moving email to the cloud­–check out our recent press release summarizing how we are helping Fortune 1000 companies do just that.

Posted in Uncategorized | Tagged , , , , | Leave a comment

Happy ‘Phish Friday’

Posted on April 12, 2013 by Barry Shurtz

Last week Sendmail customer EMC warned businesses that Friday sees more phishing attacks than any other day of the week.

It seems hackers and scammers have their own twisted version of ‘TGIF’.

While it may not be especially surprising, EMC’s warning reminds us just how cognizant cybercriminals are of end user behavior, and how good they are at capitalizing on it.

After all, when is someone at work most likely to open up an email designed to dupe them out of passwords, financial and other info? When they’re whiling away those last few hours before the weekend. When work is either completed or pushed back in favor of sharing videos, images and memes with friends.

Fridays, phishers know, is when employees are “less on guard” and “more likely to check out a link someone emails to them,” says EMC’s Jason Ward. I imagine this is especially true of malicious links sent from hacked accounts that recipients recognize as trusted contacts.

In addition to making sure your employees are on their guard, we recommend checking out our new Sentrion URL Filtering application, (PDF file) which scans email messages for embedded URLs pointing to malicious sites. The app complements existing anti-spam and anti-virus technologies to combat the blended threats, which use email and a combination of viruses, worms, Trojan horses, malicious code and social engineering with server and Internet vulnerabilities to create rapid and widespread damage.

In addition to classifying links by site content or threat type (i.e., offensive, malware, phishing, etc.), URL Filtering provides configurable actions on messages, such as stripping attachments containing links to known malware distribution sites or creating compliance events if links to an unauthorized site are detected.

So be it Monday, Wednesday, or Phish Friday, your business and your employees can be protected.

Posted in Uncategorized | Tagged , , | Leave a comment

Three Clicks Away from Adult Content?

Posted on April 5, 2013 by Barry Shurtz

A recent study conducted by Kaspersky Lab suggests children on YouTube are just three clicks away from playing videos featuring nudity, violence and other adult content—even if they’re watching clips from such G rated fare as Sesame Street or Dora the Explorer. The culprit, Kaspersky says, is the list of suggested videos that automatically appears alongside the video that’s currently playing.

It’s terribly worrisome. But is it surprising?

For many of us, accidentally stumbling upon pornographic content can be a daily occurrence. Some of the most innocuous Google searches can unexpectedly produce the most disturbing images imaginable. And while we know enough not to click on the spam in our junk folders, usually the headers alone are far more than we ever care to see.

Of course, we worry most about the children. But adult content in the workplace creates its own special set of distractions, liabilities and other headaches. Even security is a concern since pornographic material often comes coupled with malware, phishing and other scams.

It’s something Sendmail has been addressing for sometime through our Enterprise Anti-Spam and Sentrion URL Filtering Applications, which prevent adult and potentially harmful emails from ever touching your messaging infrastructure. These apps can be combined with our Sentrion Application Store Partner Image Analyzer to create a strong line of defense against both pornographic images and video.

Image Analyzer is an innovative piece of technology that works by isolating areas of the image that fall within the range of human skin tones while evaluating size, curvature and edge for a highly accurate compositional analysis. It works with all our Sentrion email routing and security products for seamless management of all your filters, policies and message handling. And it’s highly customizable: scanning thresholds, size constraints and engine settings are all adjustable.

Once messages have been deemed offensive, they can be forwarded for HR review, stripped of content, blocked altogether, and much more to prevent and address both a user’s deliberate and non-desired exchange of adult content.

It’s just one more way Sendmail Sentrion works to make email work…for you.

Posted in App of the Month, Barry Shurtz | Tagged , , , , | Leave a comment

Sendmail Announces New Solutions for Smooth, Secure Migration to Cloud-Based Email

Posted on April 2, 2013 by Barry Shurtz

Today we officially announced the email management products and services we created specifically to help enterprises address the security, compliance, IT and other risks that come with both moving email to the cloud and keeping email in the cloud.

While more enterprises are finding it hard to resist the cost-savings benefits of migrating on-premises IT solutions to the cloud, but as our VP, Cloud Enablement and CTO says in today’s announcement, “For larger globally distributed organizations, there are myriad of security, compliance and management risks” that accompany the move. Gartner, too, warns that the decision to move email to the cloud “is far more nuanced and complex than it might initially appear.” This is especially true for hybrid cloud architectures, which we and other experts agree is the only way to go when it comes to messaging infrastructure.

That’s why our Cloud Messaging Architecture Review is listed at the top of our new product and service offerings. Combining tools and consultative services, our Sendmail Messaging Architects are here to help organizations evaluate their current messaging infrastructure, assess needs, and properly plan their migrations for optimal configurations that meet all scalability and security requirements—including those many IT organizations simply aren’t aware of.

We also offer a new Private Cloud Managed Service, a complete custom configured suite of private cloud products and services for total email security, hygiene and backbone based on our award-winning Sentrion Email Integration Platform.

Our new cloud offerings also come with a set of Mimecast-powered applications for Email Archiving, Continuity, and Security, as well as our new Sentrion Rogue Email Application Control (REAC), which addresses the growing risks posed by machine-generated messages.

Altogether, these products and services combine to make your transition to the cloud both smooth and secure. Without a properly planned and managed migration, the cost-savings benefits of cloud-based email can quickly turn into a larger expense your organization might not be able to see… or afford.

Posted in Cloud, SMI Product Announcements!, Sentrion Cloud Apps Powered by Mimecast | Tagged , , , , , | Leave a comment

Phishing: Preparing Your Last Line of Defense

Posted on March 20, 2013 by Barry Shurtz

You’re hurried. You’re under deadline. Clicking, clicking, clicking away at your keyboard. You can hit the backspace after every typo, but if you accidentally click the wrong emailed link, there are no second chances. You’ve just fallen prey to a phishing attack.

Depending on who you ask, phishing costs about $500M (Consumer Reports) to $3B (Gartner Research) annually. The latest report from the Anti-Phishing Working Group shows the number of phishing campaigns is declining. That’s good, right? Wrong. Hackers are moving away from mass phishing attacks in favor of spear phishing attacks, which yield a much greater open rate because people are more likely to trust the sender.

Email management providers like Sendmail can help tackle the problem with anti-spam/anti-virus, authentication, URL filtering, and even big data analysis. But ultimately the success of a phishing attack will come down to the end user. Will he or she recognize the attack?

There are ways you can train your employees to be as security-minded as your security officers. Consider:

  • Tapping outside consultants for monthly (for large enterprises) or quarterly (for small businesses) training sessions that update users on all the latest threats they can expect to encounter now and over time
  • Creating and instilling mandatory reading of Security Threat Watch memos that copy users on the latest scams
  • Instilling clear disciplinary action for failure to identify, rebuff, and inform the organization of attacks as they’re discovered
  • Gamifying behavior modification by sending inventive phishing attacks of your own—reward those who rebuff your attacks, require additional training sessions from those who are duped by them
  • Working with your HR department to incorporate computer security into the required skill sets of those being hired as well as to

Technology and innovation goes a long way in securing your network. But when it comes to your last line of defense, the best way to protect users is to show them how to protect themselves.

Posted in Barry Shurtz, Email Security, Spam | Tagged , , , , , , , , | Leave a comment

Making Email Work Better

Posted on March 11, 2013 by Barry Shurtz

In a previous post, I shared some thoughts on how users can help overcome email overload by adopting better habits on both the sending and receiving ends.

But a big part of taming the beast is making it happen before it gets to the end user in the first place. You may be surprised to know that here at Sendmail, getting the inbox under control is a big part of what we do. But it’s not just about reducing clutter. It’s simply making email work better.

Cutting out spam (pdf) is the biggest problem, and one we do well—as much as 99.7 percent of incoming spam can be stopped dead in its tracks with our advanced filtering technologies. The effectiveness in our ability to block spam is equaled by our ability to eliminate false positives, which can prevent the delivery of important messages and quickly put a damper on your work day. With our Sentrion Trustphere (pdf) application, we can protect legitimate senders and make sure their messages always get through. This means you don’t have to waste time chasing down emails in the Junk folder, asking colleagues whether or not they got your email, or completely dropping the ball on a project.

Another way we make the inbox work better is through our Sentrion Strip and Link app, which automatically removes attachments from emails and replaces them with a link to the cloud where they can be accessed from anywhere. How many times have you been on the road, unable to access an attachment stored in your desktop email? With Sentrion Strip and Link, you can access those documents and other files anytime and from anywhere you want. And with our new Email Archiving and Email Continuity capabilities, powered by Mimecast, you can access the emails themselves—anytime, anywhere and even if your email is down.

But there are even more ways we make email work harder for you. Have you ever clicked send only to regret it seconds later? Perhaps your email could have been worded better. Perhaps you weren’t even done working on it. Perhaps you accidentally sent it to the wrong person. With our Sent-by-Mistake Prevention App, (pdf) which adds an automatic lag time after you click send, you get a second chance. Not only are you protecting yourself against embarrassing gaffes but also information leaks that could land you in even hotter water.

Together with Sendmail on the backend and better email management on the user end, email can work better. And when email works better, you can work better, too.

Posted in Barry Shurtz, Sentrion Cloud Apps Powered by Mimecast, Spam | Leave a comment

Another Record Fiscal Year for Sendmail

Posted on March 5, 2013 by Glen D. Vondrick

In case you missed it, we recently announced four consecutive quarters of profitability for another record fiscal year.

How did we do it? What did it take? Just hard work, smart people, and solid products meeting real needs.

We experienced sales boosts all around the world. We enjoyed another record sales year in Japan. Our customer base continues to grow across many industries—especially financial services, technology, government, and telecom.

But the best is surely yet to come.

Why? Because, we are the only company doing what we do. We’re the only company delivering certain must-have solutions to real-world problems in messaging infrastructure. And while email’s been around a long time—while our options for communication and collaboration have grown—email is still a critical component of doing business. And it too will continue to grow, in terms of both volume and function. As social media, the cloud and mobile forever evolve the way we communicate, email too is evolving with Sendmail’s help to meet new needs.

A big part of our recent success is new customers. But as a sign of email’s evolving and deepening role in the enterprise, existing customers aren’t just renewing their contracts. They’re also deepening their commitments to Sendmail, adding to their investments in our Sentrion Email Integration Platform and indulging in more of our best-of-breed partner offerings in the Sentrion App Store.

Another driver of Sendmail’s momentum is our customer response to the new

Sentrion Rogue Email Application Control (REAC) product, which resolves the security issues large and regulated organizations are starting to experience as they begin moving email into the cloud.

And let’s not forget our new Sentrion Cloud Services, powered by Mimecast, which differentiates us as the only complete enterprise-class hybrid-cloud solution for managing both on-premises and in-cloud email—an architecture many experts are now saying is the only way to go.

And so away we go. On to 2013. On to new accomplishments. And on to another great year helping our customers manage the ever importance of their email systems.

Posted in Glen D. Vondrick | Leave a comment

Managing Your InBox

Posted on March 4, 2013 by Barry Shurtz

Google “Email Overload,” and you’ll come across an endless stream of both lamentations and suggestions from people who have come to view the inbox as a sort of albatross choking the productivity from their lives.

Many may feel this way, but there are ways to tame the beast.

Ideally, this happens before email ever reaches the inbox. That’s part of what Sendmail does—reducing spam and other clutter through intelligent email policy management.

But there’s only so much that can be enabled on the backend (which I’ll spend more time on in a future post). A lot also depends on you. And while the internet already offers suggestions aplenty, as someone who’s spent the last 15 years or so working for companies that specialize in the management of email and other electronic communications—and as someone who like you has struggled to get a handle on the inbox—I thought there still might be enough room to squeeze in my two cents.

And here they are:

1. Use your folders

  • Someone once told me the trick to managing the inbox is to stop thinking of it as a to-do list. Emails should support the completion of tasks, not create new ones. Of course, there’s always the one-off requests you’re going to get, but email for the most part can be categorized by activity. If you create a folder for each activity, you can quickly eyeball each note, route it appropriately, and then address it only when you’re ready to start working on that particular task

2. Wait

  • Email isn’t real-time. So why try to respond in real time? Instead of firing off a reply everytime a new email comes in, let it breathe awhile. This will prevent that endless back-and-forth trap that chews into your productivity by showing senders that email isn’t just another form of instant messaging for you. Once your colleagues realize their emails won’t always be met with a fast reply, you’ll feel more comfortable ignoring emails as they come in until you’ve completed the task at hand.

3. Use other communication methods

  • Email isn’t instant messaging or social media or the phone, and as long as you’re reachable via these technologies, it doesn’t happen to be. As long as people know there are other ways of reaching you for more urgent matters, you’re still available to put out fires when needed. The best part? People tend to cut to the chase more when they’re IMing or phoning, which means even less time is taken from your day.

4. Keep your work separate from the personal stuff

  • With more people emailing from their mobile devices, it’s become common for people to send work matters from personal accounts and vice versa. The result is unnecessary distractions during the work day and no real punching out for personal time. Cut down on this by being more careful about who you share your email accounts with and which accounts you’re using to send emails from in the first place

5. Practice safe sending

  • Just as you should insulate yourself from unnecessary email, you must also be responsible about the emails you generate. I read somewhere that reading the average email takes about 15-20 seconds. This doesn’t include the time spent constructing an email, searching for the right attachment, sending the email, and reading and constructing replies. Before you click send, ask yourself: Do I have time for this? If not—if the objective of your email can be resolved much more quickly on the phone or face-to-face—then you need to click cancel.

There are also a number of new apps and tools out there that help people better manage their box—Sanebox is one interesting example, though I have not yet tried any of these tools – have you? Of course, there are other ways to cut down on the clutter. How do you do it? Please share!

Posted in Uncategorized | Leave a comment

Government Leading Innovation in the Cloud

Posted on February 26, 2013 by Barry Shurtz

Who said government is stodgy and wasteful?

When it comes to cloud computing, government’s on the forefront—particularly when it comes to cloud-based email. The US Army, EPA, GSA, Interior, Labor, the USDA…They are all among the government organizations moving email to the cloud under Obama’s “cloud first” policy.

The US Department of Veterans Affairs is showing particular prudence by starting out with a relatively small, 15,000-mailbox pilot to make sure it’s properly addressing all the security, compliance, governance and cost-savings concerns that are all part and parcel of the email-in-the-cloud package. Then, the VA will up the roll-out to 600,000 mailboxes to save what it hopes will amount to about $85 million in maintenance fees, support staff and aging hardware it will no longer need.

I hope other organizations regardless of sector are paying close attention.

Everyone wants to save a buck, of course, but it’s not as easy as many think. The email infrastructure of large and regulated organizations, for instance, are tied to directory-driven policy enforcement, routing, and core infrastructure for hundreds, sometimes thousands of applications and machines that automatically generate e-mail day in and day out. Trying to move some email to the cloud (when it’s even possible) simply isn’t worth the negative ROI or risks associated with security, compliance, and system failure.

Another problem for government, but others too, is that the public cloud often fails to meet the tight requirements for encryption, data loss prevention, policy enforcement, compliance, archiving and many other security needs. And so we watch with great interest as the Department of Energy and the National Nuclear Security Administration continues its work on the secure, hybrid cloud model they began working on last year.

We’ve long stressed the wisdom in deploying flexible on-premises/in-cloud hybrids that can support the various deployment options for mailboxes, security, archiving, routing and policy management. Gartner too has said that large, complex and heavily regulated organizations have unique requirements that cannot be entirely fulfilled by cloud-only provisioning.

Perhaps you don’t pay much mind to what Sendmail or Gartner has to say about cloud computing. But the National Nuclear Security Administration? As their CTO says, if it’s enough for a nuclear weapons complex, it’s probably good enough for the rest of us.

Posted in Barry Shurtz, Uncategorized | Leave a comment