The Email Laundry who is based in Naas offer a wide variety of security products. Two of their big sellers are an email security and a web security service. The email security service filters your email for spam and viruses and their web security service acts as a browsing protection service for all your users, no matter where they are.
They have revealed to the Irish Tech News some interesting security facts which they have come across through their daily work and they have also offered some tips for our readers.
Every day thousands of viruses are caught by their email filtering service.
Forward scanning links in emails are done to every mail that goes through our filtering service to make sure that the links are safe.
Email encryption is important and is on by default in their email security product but certain clients like banks want encryption policies in place with all their customers and they demand further encryption that only works between the bank and their client.
More and more of their clients from Germany, Ireland and the UK prefer data centres that store their emails etc. to be in their country as they don’t want their data stored in foreign countries. They tell their clients which country their data is stored in but won’t advertise the exact location of them as their security is paramount.
Some of the old virus emails are making a comeback. Scr files which are Windows screen server files were used in the late 90’s and early 2000’s to spread viruses are being sent again via Winzip attachments. Macros in Excel spreadsheets were once used to spread viruses and they are making a comeback.
Mime headers in emails have become a more serious threat as viruses can also rename files to an extension that’s not identifiable.
Their client’s data is always encrypted in transit so if the unthinkable happens the data is protected.
Any of their clients emails that are archived are always encrypted with a customer generated key.
They don’t agree with Symantec who said last year that anti-virus is dead and they just think it has changed and requires a more rounded/heuristic approach. “Signature based anti-virus” is insufficient by itself anymore. When emails are scanned in their filtering service they are checking for attachments but they are also checking for certain patterns in the emails such as the size of email attachments, the text in the email or the size of the email
Cheap or free data storage providers maybe using your data for another purpose so don’t always go by price.
Data compliance is now a big issue and you need to convey this to your customers and you can do as much as you can to allay this but companies need to have their own policies on data compliance for their own networks as data stored locally is their own responsibility.
Good SLA’s and security policies are a must.
Open standard software can be good to use as there are lot of users who will mention online problems and solutions.
Older operating systems are still being used and that’s where you will find vulnerabilities and the first place you should look if there is a breach or suspected breach
For smaller companies the cost to upgrade and or replace hardware and software may result in older hardware and or software still being used.
People are trusting by default and need to be taught. This is what makes phishing such a success.
Fake Microsoft tech support calls still have people falling for them as people are still too trusting.
More tips from the Email Laundry can be read here.
The Email Laundry is also beta testing a new product which helps with phishing and it will be launched within the next 2-4 months and you will read it about here when it is launched. In the meantime as phishing is pretty topical this week they have published on their website a guide to phishing.