MENU

Email Security

Recently there has been a spate of embarrassing "data losses" via email by several large New Zealand organisations. SSS is very experienced in helping organisations improve their overall IT security posture and this is especially true in regards to email security.

All three of SSS' divisions can have a part to play in ensuring that you have the right level of email security.

  • Our consulting arm can provide you with the necessary assessments and risk analysis.
  • Our software development arm can provide you with specific skills and a development framework to solve specific problems you have.
  • And finally, our security products division has a range of products to support your requirements

section icon security products Solutions + Partners

  • Email Reputation Services

    With the increase of phishing and email spoofing, it is important to maintain effective email validation.

    With the increase of phishing and email spoofing, it is important to maintain effective email validation. We have leveraged our 20+ years of experience and partnerships with leading vendors to provide a fully  managed service around the establishment of effective email validation services. Our service includes continual monitoring of email reputation, delivery performance, and compliance with regulation and governance.

    Let us help you take the complexity out of your email validation processes and enable your resources to better focus their time in other important areas.

    Service Features


    ERS infographic

    Our service at a glance

    • Current State Assessment Services to discuss requirements and next steps, and to support any changes
    • Rapid Onboarding designed to be very light touch with the SSS teams doing all the heavy lifting. The service is cloud-based, requires minimal client input, and carries a low risk to existing services.
    • Configuration Management - We will deploy the required configuration to your environment to support email validation, and provide a full audit history of changes and impacts over time.
    • Blacklist Management - We will monitor your domain and IP reputations against 50+ providers, and will provide notifications and assistance on any points requiring remediation.
    • Alarm Management - The service constantly monitors alarms on domain reputation changes and optional monitoring services. This is linked to incident management to enable rapid responses to any issues.
    • Risk Tied Assurance - This focuses on the risks that exist and the  need to have effective controls. The service provides a level of assurance to common controls, helping to justify the service.
    • Mail Flow Monitoring - This provides insights into the performance and reliability of mail systems. This service deals with the reachability of mail services and not the gateways or email servers themselves.
    • 24/7 Automated Incident Response - The service generates alerts based on monitoring rules or changes in domain reputation or mail flow performance. SSS operates 24/7 support services.
    • Domain Health Checks - Monthly reports are provided on the state of your organisation's email services, and recommendations on how to further improve security posture.  
  • Proofpoint Email Protection

    Proofpoint is considered one of the best email gateway solutions in the market today and is especially good for medium and large New Zealand enterprises.

    Proofpoint is considered one of the best email gateway solutions in the market today and is especially good for medium and large New Zealand enterprises.

    Clients can deploy Proofpoint email protection as a cloud service or as an on-premise gateway, with the same functionality available in each deployment model. 

    To learn more about Proofpoint and discuss if this is the right solution for you, contact us on 04 917 6670 or email sales@sss.co.nz.

    Proofpoint demo request

    Proofpoint offers a comprehensive email protection

    * Imposter email protection

    Proofpoint dynamically blocks non-malware threats such as business email compromise (BEC) trying to trick your people into sending money and sensitive corporate data.

    Proofpoint Advanced Email Security uses a multilayered defence to stop unsafe email from reaching your staff's inbox - and keep sensitive information in your environment when something goes wrong.

    Proofpoint offers a complete solution providing you with complete visibility so you are able to proactively stop advanced attacks, mitigate their impact, and keep your business running.

    * Granular control of unwanted email

    Proofpoint dynamically classifies and quarantines email using seven unique categories.

    * Business continuity

    Proofpoint can help you maintain your email communications if your on-premises or cloud-based email server fails.

    * Continuity *

    Ensure your email is always available with ProofPoint Enterprise Continuity. The service runs with no dependencies on your infrastructure or staff.

    * Availability *

    End users get full access to email either natively within Outlook or via Web portal - all without on-premise software requirements.

    * Automatic *

    This is a completely "hands-off"solution that doesn't require activation during an outage, along with fully automated recovery.

    * Extensive *

    Keep the most recent 30 days of email available in end-user inboxes.

    --------------------------

    Learn more about proofpoint

  • SSS Secure Community

    Recently several of our NZ Government agency SecureIT customers asked us to help them exchange email securely with non-SEEMail participants i.e.

    Recently several of our NZ Government agency SecureIT customers asked us to help them exchange email securely with non-SEEMail participants i.e. their communities of interest. A specific example is the Ministry of Education wanting to exchange secure email with all schools in New Zealand. Other agencies have similarly associated communities that they wish to be able to exchange secure email with. Specifically they want gateway to gateway S/MIME email with easy key management. We have been able to leverage the experience we have with S/MIME email gateway technology, combined with the PKI and Identity Management skills in our recently formed Security Consulting division, to develop a centralised LDAP certificate store for storing / managing the public key of participating “community” organisations.

    Phase 1 of SSS Secure Community enables existing NZ Government SEEMail participants (government agencies) to send and receive email securely within their communities of interest but also allows the wider groups to communicate securely (i.e. School to School using the example above).

    Read More

  • Sophos Email Appliance

    Sophos email appliances (available as hardware or virtual) offer simple powerful protection against spam, malware and data loss.

    Sophos email appliances (available as hardware or virtual) offer simple powerful protection against spam, malware and data loss.

    • Easily scalable
    • Comes in 3 different models
    • Ties in with Sophos Endpoint for reporting

    Sophos email appliances reduce up to 99% of spam with their unique sender genotype technology and are probably one of the easiest email appliances to use due to their “3-clicks-to-anywhere” management console.

    Read more

  • Accellion

    Accellion provides enterprise-class secure file sharing solutions for today's mobile-enabled organizations.

    Accellion provides enterprise-class secure file sharing solutions for today's mobile-enabled organizations.

    • Secure Workspace
    • Send & Receive large files up to 200GB
    • Auditing and Archiving capability

    With Accellion, employees have an easy-to-use mobile file sharing solution and enterprises have the IT controls and management they require.

    Read more

  • Sophos UTM - Email Protection

    Part of the Sophos UTM suite of protection functions, the Email Protection “module” makes it easy to keep your inboxes clear of viruses and spam, and gives you accurate, high-capacity mail filtering and email encryption.

    Part of the Sophos UTM suite of protection functions, the Email Protection “module” makes it easy to keep your inboxes clear of viruses and spam, and gives you accurate, high-capacity mail filtering and email encryption. Handy management tools make life easier for you and your users.

    Includes:

    • Anti-Spam
    • Antivirus Scanning
    • Email Encryption
    • Personal Quarantine and Email Manager

    Read more

  • SecureIT

    SecureIT® is SSS's own email solution that gives you transparent and easy to use policy based S/MIME signing and encryption of e-mail at the gateway.

    SecureIT® is SSS's own email solution that gives you transparent and easy to use policy based S/MIME signing and encryption of e-mail at the gateway.

    SecureIT® works as a stand-alone SMTP relay or with Clearswift's MIMEsweeper for SMTP™ to ensure that:

    • Message content remains confidential during transmission over the public network
    • Recipients can be certain about the authenticity and integrity of messages they receive
    • Control and management of the Public Key Infrastructure (PKI) necessary for this process is maintained at a single point PMDF

    Encryption provides privacy for content as it passes across the public network. Digital signatures provide proof that a message is from who it appears to be from and that it has not been tampered with during transmission. But these processes can create problems like exposure to content threats, orphaned data that can't be decrypted, unauthorised transfer of confidential information and the complexity of managing and synchronising all the public and private keys necessary to run the process. 
    SecureIT® solves these problems.

    Read more

  • StopIT

    StopIT® for MIMEsweeper for SMTP™ allows you to smooth out peaks in mail traffic volume and to protect internal mail systems from volume based denial of service attacks.

    StopIT® for MIMEsweeper for SMTP™ allows you to smooth out peaks in mail traffic volume and to protect internal mail systems from volume based denial of service attacks.

    Read more

  • RecallIT

    RecallIT® preserves your organisation's professional image by allowing e-mail users to recall faulty messages before they leave your organisation.

    RecallIT® preserves your organisation's professional image by allowing e-mail users to recall faulty messages before they leave your organisation.

    Often, you will know the instant you have hit the send button that a message was wrong, or your colleagues will quickly call you if they notice something wrong with a message you have sent to a mixture of internal and external recipients. Until now, once a message had been sent to external parties it could not be retrieved.

    RecallIT® also facilitates the management and review of "sensitive" emails by internal recipients before they are released to external recipients.

    RecallIT® is available either as a stand alone "appliance", or integrated with MIMEsweeper.

    Read more

  • ReleaseIT

    ReleaseIT® for MIMEsweeper for SMTP™ allows authorised users to release selected classes of e-mail stopped by MIMEsweeper for SMTP without assistance from IT staff.

    ReleaseIT® for MIMEsweeper for SMTP™ allows authorised users to release selected classes of e-mail stopped by MIMEsweeper for SMTP without assistance from IT staff.

    ReleaseIT® gives you all the benefits of MIMEsweeper for SMTP but with:

    • Faster Decisions by empowering those with the judgement needed to make informed decisions about the suitability of selected content
    • Increased Privacy by delivering control to authorised message senders and recipients
    • Better Security by eliminating the need to authorise end users for direct access to quarantine areas and by avoiding the need to use IIS on the MIMEsweeper for SMTP server
    • Increased Accountability by providing comprehensive audit logging and message copy capabilities
    • Lower Administration Cost by simplifying content security policy, minimising policy maintenance, & simplifying multi machine deployment

    Read more

  • StripIT

    StripIT® identifies macros and active code in OpenOffice and Microsoft Office documents and removes these sources of risk, allowing the modified document to be delivered to the intended recipients.

    StripIT® identifies macros and active code in OpenOffice and Microsoft Office documents and removes these sources of risk, allowing the modified document to be delivered to the intended recipients.

    Document based macros and other active code have long been seen as a source of security risk.
    There are few limits to what this embedded active code can do when run.

    Microsoft Office applications provide an environment that uses ActiveX/COM DLLs already installed on your system to extend functionality. Visual Basic for Applications (VBA) was included in Microsoft office to provide automation support in and between documents. VBA can access and use ActiveX/COM DLLs available in the office environment plus it can load others. VBA also has direct access to the file system and shell. The power of combining VBA macros with the office environment can pose a significant risk.

    OpenOffice provides access for scripts running in a number of languages including its own version of Basic. These languages are feature-rich and could similarly be used for malicious purposes. OpenOffice can even run some VBA code imported from Excel, provided this capability is enabled.

    There is general concern about what is downloaded when web browsing. That same concern should apply to what is running from inside your Office applications. Macro's are potentially dangerous and can run automatically.

    Malicious use of VBA could provide access to confidential files or could disable the computer's operating system. VBA code has the same access rights as the user, which could be at administrator level.

    Typically, e-mailed Office documents are scanned for virus content only, and if clear, are passed through. Anti-virus programs only look for known virus signatures. There is no reason for them to detect macros or other active code. Alternatively keyword searching may be used to identify the presence of active content and such documents might be quarantined.

    StripIT® provides a higher level of control, allowing macros and other active code to be identified and optionally stripped out of documents before they are delivered to the intended recipients.

    Read more

  • Clearswift

    Built on MIMEsweeper, Clearswift's celebrated content-inspection and filtering technology, the Clearswift SECURE Email Gateway is a highly effective and resilient email gateway for 50 to 50,000+ users.

    Built on MIMEsweeper, Clearswift's celebrated content-inspection and filtering technology, the Clearswift SECURE Email Gateway is a highly effective and resilient email gateway for 50 to 50,000+ users.

    • Spam Protection & Content Inspection
    • Management & Reporting
    • Flexible Deployment Options

    Clearswift’s email gateway is a trusted and proven solution that revolutionised the email security market. With Clearswift your organisation can rest at ease knowing that your email is secure and free of spam.

    Read more