Email Security

The Challenge

Email sees the highest volume of threats that target your users.  Attackers are becoming more and more sophisticated, and this is making it harder for staff to identify malicious and risky emails.

Phishing and ransomware distribution, two prolific threats, are most often email-based.

People often assume that security is only the responsibility of your IT team, but as CERT NZ reports, any person and organisation could potentially be a target for things like:

  • phishing and credential harvesting,
  • scams and fraud, and
  • unauthorised access.


We are experts in email security and have helped businesses with their email security for well over 25 years.

Our email security solutions provide cutting-edge and comprehensive protection.

We can work with you regardless of where you might be in your security journey – whether you want to assess the current state, start and progress along your DMARC journey, need access to expert email advice and capability or are looking for solutions such as:

  • Email Encryption
  • Email Filtering
  • Data Loss Prevention
  • Email Reputation Monitoring
  • Effective Email Validation
  • Hosted Email Security

We can help you determine exactly what you need to best protect your organisation.


  • Understand how mature your current email security approach is
  • Progress with the adoption of new email standards (DMARC, SPF, DKIM, and DANE)
  • Ongoing domain reputation, blacklist, and mailflow monitoring

  • Secure email and reduce the risk of email-related threats impacting your organisation
  • Automatically triage user-submitted emails and the remediation activities relating to email deemed to be malicious


Our Assuremail Hosted Email Security service combines our best-in-class email security solutions with our 25+ years of experience working extensively with email.

Assuremail is a managed service that offers advanced security features giving you the confidence that your email communications are secure.

With flexible integration modes, you will be able to choose the level of automated protection you need.

Assuremail is an AI-based and API-integrated solution that offers you the full benefit of a traditional secure email gateway solution (in line filtering) and also enables you to secure your users’ mailboxes post mail delivery through Office 365 and Gmail integration.

Our team of experts will help you through the straightforward onboarding process and then continue to keep the platform up to standard whilst providing you the granularity and control needed for email filtering.

Key Features

  • Cloud-hosted
  • Centralised management
  • Secure gateway and API integration
  • Expert service management
  • Monthly report and presentation on posture
  • Comprehensive email security that includes email visibility and retention
  • Anti-phishing for inbound and internal emails
  • Known malware prevention
  • Malicious URL and URL click-time protection
  • Sandboxing
  • Account takeover prevention
  • Unauthorised application and shadow IT detection

Add additional value through the following uplift options:

  • Automated user-submitted phishing triage and remediation
  • Domain reputation monitoring
  • Email security awareness training
  • SEEMail
  • Active content removal from files
  • Email delay and recall

SecureIT® is SSS’s own email solution that gives you transparent and easy-to-use policy-based S/MIME signing and encryption of e-mail at the gateway.

SecureIT® ensures:

  • Message content remains confidential during transmission over the public network
  • Recipients can be certain about the authenticity and integrity of messages they receive

SecureIT is an approved New Zealand SEEMail gateway and is used by many government agencies.

Phishing and spoofing are more prevalent than ever.  The use of email validation protocols, such as DMARC, removes many of the attack vectors that are used by malicious actors.

The problem is that this can be complex to set up, and a lot of organisations do not have the resources and expertise to implement email validation protocols effectively.

We have leveraged our 20+ years of experience and partnerships with leading vendors to provide a fully managed service around the establishment of effective email validation services. Our service includes continual monitoring of email reputation, delivery performance, and compliance.

Components of our hosted Email Reputation Service:

  • Current State Assessment Service – prior to onboarding we undertake a current state assessment service so we can understand where you are today so we can map out a roadmap for the service adoption.
  • Onboarding – to our hosted service is seamless and requires little involvement from you.
  • DMARC Policy – over the course of the service, we progressively help you to adopt a stricter DMARC policy.
  • CNAME Records – we host and manage delegated CNAME DNS records for SPF and DMARC.
  • Domain & IP Reputation -we track your domain and IP reputation over 50 different domain blacklisting providers and provide notifications if you get blacklisted and assistance to remediate.
  • Monitoring & Alerts – we constantly monitor alarms on domain reputation changes and alert if there is anything.
  • Reporting – we constantly monitor alarms on domain reputation changes and alert if there is anything.
  • Mail Flow Monitoring – as an uplift we can continuously monitor your mail flow to ensure your email infrastructure is operational.

There are many different aspects to effective email security protection. It can be challenging to maintain effective email security in an ever-changing threat landscape.

We are experts in email security with over 25 years experience.

Our Email Security Assessment service is designed to evaluate you against best practices and then work with you to improve and mature your email security posture.

  • Our consultants complete a comprehensive assessment against best practices of your full mail flow infrastructure and supporting practices.
  • We provide our findings and best practice recommendations aligned to 50+ key security best practice mechanisms.
  • We facilitate post-review workshops and consultancy to help you implement any recommendations.

Phishing emails can be very difficult to detect, and some will always reach your end users regardless of the technology you use at the gateway.

Training your staff to be able to detect and report suspicious emails is a vital part of protecting your organisation. It is also important to acknowledge when users do this. Reporting to a black hole does not reward the desired behaviour, you should be letting the submitter know what you found. This can have a large impact on your users and Incident Management teams.

Some of our clients have full-time roles dedicated to analysing and responding to user-submitted phishing email samples.

The SSS Advanced Phishing Triage Service (APTS) is an automated email triage service operated by SSS.
It is designed to streamline your processes by automatically reviewing the content of user-submitted email samples, and responding to the submitter with an analysis result. It also provides your Incident Management team with a report including what was found and any remediation recommendations.

Our Partners

  • partner-sophos
  • partner-proofpoint
  • partner-halon
  • .jpg
  • partner-mxtoolbox
  • partner-clearswift

Want to know more about our Email Security solutions & services?