Phishing is the root cause of breaches worldwide
Vivek Bhandari |Area 1 Security | Area 1 Security
It’s an issue that organizations, large and small are struggling with. At the same time, there is an industry wide trend towards embracing the cloud for productivity tools and security services. Two such leaders in the space are Google and Microsoft. As organizations look towards migrating to the cloud for their core productivity use case, there is an opportunity to address the Phishing threat by transparently enabling Area 1’s Horizon service along with those cloud services. Area 1 Horizon looks for specific small patterns of phishing messages which evade volume based filters better suited to detect large scale spam or virus laden messages. You can learn more about how we do that here.
Spare a few minutes, stop Phishing
Activating a new security service doesn’t have to be the scariest word in cybersecurity. With Area 1 Security, activation is a snap; in fact, for most IT departments, the whole process takes less than 10 minutes. For one, we stay with you during the whole process. For another, there’s no hardware to deploy. All that’s required to configure your existing devices are a few keystrokes and mouse clicks.
For us at Area 1, the challenging part of our solution happens behind the scenes, where we take on phishing in all its malicious varieties. At the same time, we work to make it simple and intuitive to protect your organization effectively.
While we have the needed documentation on the “ins-and-outs” of activating the service, this blog post provides a quick overview of what is required to get our service up and running on your cloud email system.
Legacy secure email gateways are about as exciting today as flip phones, when compared to the advanced and robust email security now available. Cloud email platforms from Microsoft and Google provide an operationally efficient way to manage email. They also provide good security by filtering out spam and commodity threats. Now, by layering in advanced phishing protection from Area 1 the ‘upgrade to Smartphone’ experience is complete.
Area 1 with Microsoft Office 365
Office 365 configuration is quick and simple. You need to enable Area 1 specific connectors in Office 365 to allow the messages to flow back between Area 1 and Office 365.
The first of these is the inbound connector, which will handle the emails sent to your company and route them to Area 1. The second connector is a Partner connector, which allows Area 1 to send messages back to Office 365. Once the message has been inspected by Area 1, you can use the content filters in Office 365 to manage the dispositions, or you can use any of our native message modification options to mark up messages for your users.
Area 1 with Google G Suite
Gmail is one of the most popular email services in the world — and it’s also incredibly easy to enable Area 1 Security’s phishing protection.
The first step of the configuration is to add Area 1’s egress IP addresses to the inbound gateways configuration in the Gmail administration console. Since all inbound email connections will be originating from Area 1, this will inform Gmail to allow our IP addresses when they compute their verdicts.
Next, when you set up your email service, you were required to define an “MX record” in your DNS zone. As an existing Gmail user, the MX record for your email domain will be pointing at Google. In order to protect your inboxes from phishing messages, you’ll need to modify your MX records to point at Area 1’s service instead. This will allow all new inbound messages to be inspected by Area 1.
Area 1’s email protection service adds X-headers with verdicts for emails that trigger phishing detections. When configured with Gmail’s content filters, the Area 1 X-headers allows customers to take appropriate action on the emails — from quarantine, block or deliver.
We can, natively, append a label to the subject and add a message body prefix to bring further attention to the message; we can also defang URLs, making them unclickable by your users. You can choose to apply any or all of these options. Additionally, you can specify different behavior for each of the detection verdicts.
For maximum flexibility and control, use Gmail’s content filtering policies to deal with messages, such as quarantining malicious messages, and further marking up suspicious messages.
Once the messages are analyzed, we will deliver them to Gmail.
That’s it, you’re done!
Whether you’re using Gmail or Office 365, you can receive real-time reports and detections through our portal, email, and Slack. Our email protection service is quick and easy to activate and requires no software to be installed on your part.
At Area 1 Security, we stop phishing. In minutes. Period.
