Email Security

Email security can be complex and incredibly important given it's the number one threat vector in terms of volume.

There are many different aspects to effective email security protection and many of our clients haven't maintained their email security or evolved to protect against the changing nature of threats.

We are experts in email security and can help you understand your current email security posture and where it can be improved.

Our Email Security Assessment service is designed to evaluate you against best practices and then work with you to improve and mature your email security posture.

If you would like to know more about our Email Security Assessment Service contact us on 04 917 6670 or email sales@sss.co.nz.

Our service at a glance

• We complete a comprehensive assessment for you.
• We provide you with our findings and recommendations.
• We offer you post-review support options.

How does it work?

Our consultants will complete a comprehensive assessment of your full mail flow infrastructure and supporting practices including:

• Email service infrastructure.
• Inbound mail flow and security filtering involved.
• Outbound mail flow and security filtering involved.
• Security of middleware security systems such as SEEMail S/MIME Encryption gateway.
• Email validation technologies in place (SPF, DMARC).
• Reviewing processes around handling of email quarantine and notifications.
• Processes and practices around mailflow.
• User training and awareness of email based threats.

We will provide our findings and best practice recommendations aligned to 50+ key security best practice mechanisms. Our recommendations are product agnostic.

Included in our service you will also receive post-review workshops and consultancy to assist with implementing the changes as required. 

With the increase of phishing and email spoofing, it is important to maintain effective email validation. We have leveraged our 20+ years of experience and partnerships with leading vendors to provide a fully managed service around the establishment of effective email validation services. Our service includes continual monitoring of email reputation, delivery performance, and compliance.

Let us help you take the complexity out of your email validation processes and enable your resources to better focus their time in other important areas.

To find out more about our Email Reputation Service or see a demo - you can call us on 04 917 6670 or email sales@sss.co.nz.

Service Features

Our service at a glance

• Current State Assessment Services to discuss requirements and next steps, and to support any changes

• Rapid Onboarding designed to be very light touch with the SSS teams doing all the heavy lifting. The service is cloud-based, requires minimal client input, and carries a low risk to existing services.

• Configuration Management - We will deploy the required configuration to your environment to support email validation, and provide a full audit history of changes and impacts over time.

• Blacklist Management - We will monitor your domain and IP reputations against 50+ providers, and will provide notifications and assistance on any points requiring remediation.

• Alarm Management - The service constantly monitors alarms on domain reputation changes and optional monitoring services. This is linked to incident management to enable rapid responses to any issues.

• Risk Tied Assurance - This focuses on the risks that exist and the need to have effective controls. The service provides a level of assurance to common controls, helping to justify the service.

• Mail Flow Monitoring - This provides insights into the performance and reliability of mail systems. This service deals with the reachability of mail services and not the gateways or email servers themselves.

• 24/7 Automated Incident Response - The service generates alerts based on monitoring rules or changes in domain reputation or mail flow performance. SSS operates 24/7 support services.

• Domain Health Checks - Monthly reports are provided on the state of your organisation's email services, and recommendations on how to further improve security posture.

Secure email gateway technologies play an important part in protecting your business against prevalent threats such as phishing, social engineering, viruses and malware. Having an effective email security gateway is critical to stop account compromises, malicious outbreaks and annoyance to your users.

Contact us on 04 917 6670 or sales@sss.co.nz to discuss our solutions in more detail or to request a demo. 

We partner with the best to bring you email gateway technology solutions that are right-sized for your business

Every environment is different. This means we want to provide you with solutions that are right for you and scaled to your needs.

We have partnered with leading email security gateway providers to offer you effective and powerful email security gateway solutions offering you options for both cloud and on-premise environments.

You can read more about our solutions below.

* Clearswift SECURE Email Gateway * Proofpoint Email Gateway *
Sophos Email Gateways solutions *

Not sure where to start?

Speak to us and we can help you right size a solution.

If you need to take a holistic view of your email security then we can help with our comprehensive Email Security Assessment Service.

Need help managing your email security gateway solutions?

We are able to help you with a managed service to help you better focus your security resources and efforts.

Contact us on +64 4 917 6670 or sales@sss.co.nz to discuss how our managed services could help you become more efficient.

The Clearswift SECURE Email Gateway transforms your email from a high-risk communication channel to one tailored exactly to your organisation's needs. It can be deployed as a stand-alone solution or to enhance existing email security solutions.

• Advanced inbound threat protection
• Best-of-breed spam detection
• Redaction and santisation
• Anti-steganography
• Optical character recognition
• Multiple encryption options
• Reporting functionality
• Flexible deployment options

Download the Clearswift SECURE Email Gateway datasheet.

Back to Top

Proofpoint Email Security Solutions can be deployed as a cloud service or as an on-premise gateway, with the same functionality available in each deployment model. They use a multi layered approach to stop unsafe email from reaching people's inboxes - and keep sensitive information in your environment when something goes wrong.

Imposter email protection

Dynamically block non-malware threats trying to trick your people into sending money and sensitive corporate data.

Download the Proofpoint email protection data sheet.

Granular control of unwanted email

Dynamically classify and quarantine email using seven unique categories.

Business continuity

Maintain email communications if your on-premises or cloud-based email server fails.

Download the Proofpoint enterprise continuity data sheet.

Back to Top

Sophos Email Gateway Solutions offers you central cloud management through the Sophos Central Console.

Sophos Email Appliance

Sophos Email Appliance is one of the most common email gateway technologies.

• Block targeted spear phishing attacks
• Protect users from new zero-day threats
• Advanced multi-layer spam detection.
• Support for SPF, DKIM, and DMARC anti-spoofing.
• Easily create DLP policies.
• Unique SPX Encryption is easy and transparent.

Download the Sophos Email Appliance datasheet.

Sophos Cloud-Based Email

Sophos Cloud-Based Email Security is a predictive cloud email security solution powered by artificial intelligence.

* See the future * Stop ransomware * Block stealth attacks *

• Block phishing imposters
• Protection from spam and malware
• Integrates into Sophos Central to enable you to respond to cyber threats faster
• Prevent data loss
• Email encryption
• Works with any business email
• Secure Office 365

Download the Sophos Cloud-Based Email datasheet.

Sophos XG / UTM Email Gateway

The Sophos XG / UTM Email Gateway is an add-on subscription adding email scanning technology to their powerful firewall products.

XG Firewall has the latest next-gen firewall technology, it includes all the key features of SG UTM:

• New high-performance SG Series appliances
• Sandstorm sandboxing with deep learning
• Full-function WAF and email protection

PLUS

• Next-gen firewall with zones and unified rules
• Sophos Synchronised Security features
• Powerful centralised management tools through Sophos Central

Download the Sophos XG datasheet.

Download the Sophos UTM datasheet. 

Back to Top

Phishing emails can be very difficult to detect, and some will always reach your end users regardless of the technology you use at the gateway.

Training your staff to be able to detect and report suspicious emails is a vital part of protecting your organisation. It is also important to acknowledge when users do this. Reporting to a black hole does not reward the desired behaviour, you should be letting the submitter know what you found. This can have a large impact on your users and Incident Management teams.

Some of our clients have full-time roles dedicated to analysing and responding to user-submitted phishing email samples.

The SSS Advanced Phishing Triage Service (APTS) is an automated email triage service operated by SSS.

It is designed to streamline your processes by automatically reviewing the content of user-submitted email samples, and responding to the submitter with an analysis result. It also provides your Incident Management team with a report including what was found and any remediation recommendations.

The SSS Advanced Phishing Triage Services complements our wider set of email security tooling to provide comprehensive protection:

• Email Security
• Security Awareness Training  

Contact us on 04 917 6670 or sales@sss.co.nz if you would like to know more about our detection and response services or see a demo of any of these solutions.

How does it work?

APTS is an automated phishing triage service that combines the power of automation with insights from real-time threat intelligence data. Using industry-leading platforms and best practice playbooks, we are able to automatically analyse suspicious e-mail samples, and respond to the submitter with the result and advice on what to do.

E-mail samples are analysed against reputable threat intelligence sources. This data informs the classification decision, and provides evidence to support remediation activities. This information is sent to the client's incident management team in an incident report, which includes details of who submitted the sample, indicators found in the sample, and remediation advice.

A managed service scaled to your needs

Phishing Triage Base Service

Send suspicious email samples to a monitored mailbox for automated analysis. The system will send automatic responses to the reporter stating whether the email is likely to be safe, malicious, or unknown. It will also send an incident report to a nominated Incident Management team with details on the submitted sample and advice on further steps.

Service Features

• 24/7 operation of automated services
• Outlook or Gmail button for easy sample submission
• Automated investigation and intelligence gathering
• Automatic response sent to the submitter
• Automated incident report sent to Incident Management teams

Phishing Triage Premier Uplift

In addition to the Base Service features, the premier uplift provides the option for further customisation, as well as access to SSS security analysts to assist in manual investigations and incident response. This can help identify trends with phishing campaigns or problem users, as well as in-depth investigations on individual samples. There is also an option to have the service automatically delete malicious emails from cloud-based email platforms.

Service Features

• Access to the SSS Security Operations team
• Customisable response templates, logos, and message text
• Detailed incident investigation
• Improved service reporting on the analysis of potential threats
• Option to delete malicious email from cloud-based (SaaS) Office365 and GSuite services for rapid remediation and improved return on investment

Our custom modules offer bespoke solutions to help you get the best out of your email security initiatives.

These are our own modules we developed specifically with our clients and their needs in mind.

In an ever-changing threat landscape it is good to know that your technology will have your back

Cyber attackers are getting more and more sophisticated, and they are constantly looking for a way into your environment. The SSS Email Security Custom Modules, our ITModules, provide you with solutions that typical email gateways fail to provide.

Contact us on 04 917 6670 or sales@sss.co.nz if you would like to know more about our detection and response services or see a demo of any of these solutions.

You can read more about our solutions below.

Jump to:

* RecallIT^® * ReleaseIT^® * SecureIT^® *

* StopIT^® * StripIT^® * 

Need help understanding your current email security setup?

We can help with our comprehensive Email Security Assessment Service. 

Message Retrieval

RecallIT® preserves your organisation's professional image by allowing e-mail users to recall faulty messages before they leave your organisation. It facilitates the management and review of "sensitive" emails by internal recipients before they are released to external recipients. It is available either as a stand alone "appliance", or integrated with MIMEsweeper.

RecallIT® allows you to get those faulty messages back and gives you another chance.

RecallIT® can eliminate the embarrassment of mistakenly sending a message:

• That is incomplete (e.g. forgetting to include an attachment referred to in the body, or pressing "send" too early by mistake)
• To an unintended recipient
• With content you discover is out of date or incorrect immediately after sending it. (e.g. copying a message, changing the address but forgetting to change the salutation)
• Containing more than you intended (e.g. forgetting to take old e-mail content and attachments off when replying or forwarding)
• Containing wrong words which are spelled correctly (e.g. Retards instead of Regards, Toady instead of Today or Bets Wishes instead of Best Wishes)
• To external parties that is intended for internal circulation only

RecallIT® briefly holds e-mail before it leaves your site. This gives you a chance to recall the message if necessary.

RecallIT® also allows individual emails to be held indefinitely until they are either explicitly approved for release or deleted. This together with informational subject line parameters and configurable permissions means that internal email senders/reviewers can get sensitive emails just right prior to releasing to external recipients.

RecallIT® uses Subject Line Parameters to override the default delay on a message-by-message basis. Urgent messages can be "stamped" to leave immediately if required. Other messages can be stamped as embargoed until specific times. Embargoing allows sensitive information to be released to all interested parties at a specified time or for large mail outs to be sent during work hours but not transmitted until after working hours.

Read more about RecallIT® solution

Back to the top

Quarantine Area Management

ReleaseIT® for MIMEsweeper for SMTP™ allows authorised users to release selected classes of e-mail stopped by MIMEsweeper for SMTP™ without assistance from IT staff.

ReleaseIT® gives you all the benefits of MIMEsweeper for SMTP™ but with:

• Faster Decisions by empowering those with the judgement needed to make informed decisions about the suitability of selected content.
• Increased Privacy by delivering control to authorised message senders and recipients.
• Better Security by eliminating the need to authorise end users for direct access to quarantine areas and by avoiding the need to use IIS on the MIMEsweeper for SMTP™ server.
• Increased Accountability by providing comprehensive audit logging and message copy capabilities.
• Lower Administration Cost by simplifying content security policy, minimising policy maintenance, & simplifying multi machine deployment.

Read more about ReleaseIT® solution

Back to the top

S/MIME Gateway

SecureIT® is SSS's own email solution that gives you transparent and easy-to-use policy based S/MIME signing and encryption of e-mail at the gateway.

SecureIT® works as a stand-alone SMTP relay or with Clearswift's MIMEsweeper for SMTP™ to ensure that:

• Message content remains confidential during transmission over the public network
• Recipients can be certain about the authenticity and integrity of messages they receive
• Control and management of the Public Key Infrastructure (PKI) necessary for this process is maintained at a single point PMDF

Encryption provides privacy for content as it passes across the public network. Digital signatures provide proof that a message is from who it appears to be from and that it has not been tampered with during transmission. But these processes can create some problems.

SecureIT® helps you solve:

• Exposure to content threats.
• Orphaned data that can't be decrypted.
• Unauthorised transfer of confidential information.
• The complexity of managing and synchronising all the public and private keys necessary to run the process.

Read more about the SecureIT® solution

Back to the top

Message Traffic Management

StopIT® for MIMEsweeper for SMTP™ allows you to smooth out peaks in mail traffic volume and to protect internal mail systems from volume based denial of service attacks.

StopIT® gives you all the benefits of MIMEsweeper for SMTP™ but with:

• Improved Traffic Volume Management by providing filtering based on volume and message numbers transmitted in nominated time intervals.
• Increased Resilience by providing management of incorrectly constructed SMTP transmissions.
• Better Security by removing relay headers added by MIMEsweeper for SMTP and other servers as messages pass through the mail system.

StopIT® can operate in Monitor Only mode.

Let StopIT® monitor the traffic through your MIMEsweeper SMTP gateway to establish accurate representative maxima for normal message volume and numbers for all sending users and domains. Then use this information to protect your site from abnormal traffic patterns.

Possible uses of StopIT® are when:

• Your mail system users create very high volumes of low priority mail by mailing large messages to large mailing lists. StopIT® can identify unusual volume patterns, tag messages for parking by MIMEsweeper for SMTP, and for release by MIMEsweeper for SMTP at off peak times.
• You want a report of the typical maximum volume or number of messages sent by a user or from a domain in a specified period of time (e.g. minute, hour, day).
• Worm virus infection at one of your business partner's sites results in large numbers of infected messages hitting your site, constituting an attempted denial of service attack.
• Your system suffers from mail loops as might occur if "out of office attendants" get chatting, or an internal recipient is automatically forwarding messages to an external account that fills up and generates error messages which are then sent back to the internal recipient.
• You wish to conceal the content scanning mechanisms used on your outgoing e-mail, as well as the internal route that the mail has travelled to reach the intended recipients.

Read more about the StopIT® solution

Back to the top

Active Code Removal

StripIT® identifies macros and active code in OpenOffice and Microsoft Office documents and removes these sources of risk, allowing the modified document to be delivered to the intended recipients.

• StripIT® identifies macros and active code in OpenOffice (Writer, Calc, Impress) and Microsoft Office 2003, 2007 and 2010 documents (Word, Excel, PowerPoint) and optionally removes these sources of risk, allowing the modified document to be delivered to the intended recipients free of macros and active code.
• StripIT® processes documents inside ZIP, 7Z, TAR, CAB, MIME & BZIP containers. Modified documents are returned to the archive container for delivery. StripIT® also reads RAR containers and writes another supported format if necessary.
• StripIT® identifies nominated file types and can strip them off messages before transmission. It also allows identification of Information Rights Management (IRM) access permissions and the presence of orphaned data structures in some documents.

Read more about the StripIT® solution

Back to the top  

• Simulated and journey-based phishing awareness training
• Phriendly Phishing is largely automated - requires very little ongoing management from your IT team
• Change employee behaviour
• Keep security top of mind

* Effective * Measurable * User Friendly *

Phriendly Phishing is a phishing awareness and simulation program developed by certified professionals at Shearwater Solutions. Through their ongoing research, developers ensure that the training remains current with phishing threats and techniques.

With Phriendly Phishing you can:

• Monitor your phishing risk
• Track improvement
• Measure and report on performance
• Reduce employee clicks on malicious links

Contact us on 04 917 6670 or sales@sss.co.nz if you would like to know more or see a demo of Phriendly Phishing.

Client Testimonial:
"Shearwater Solutions provided us with an excellent portal with a lot of automated interfaces and reporting modules which we felt were fundamental to allowing us to continue to effectively manage awareness and positive behavioural change across the business" - Liz Schoff, Security Consultant at healthAlliance. Read the healthAlliance case study here.

How Phriendly Phishing works - At a Glance

Measure

Start with a simulated phishing campaign to determine your organisation's overall phishing risk, and to establish a baseline for future measurement.

Educate

Train your staff to identify phishing threats and develop their phishing detection skills. Users start at the beginner level and work their way up. Training is user-friendly and geared at all skill and knowledge levels.

Nurture

Nurture your staff's skills with simulated phishing campaigns. Control the difficulty and timing of each campaign to align with staff progress. Training can be reinforced at any stage if needed.

Key Features 

• Works on any device
• Cloud-based
• Scalable solution
• Managed service
• User friendly

About Phriendly Phishing

Phriendly Phishing, part of the CyberCX group, is an Australian-based company which provides security awareness and simulation training solutions. Read more about Phriendly Phishing.