December 16, 2017

Email Security Best Practice - Part I

Introduction

I will help you build a good email security strategy for your organization. These days most infections arrive by email, so we should be careful when choosing a new email security appliance. It should be able to combat new-generation threats.

Remember

  • Normal signature-based anti-virus is not enough, so choose a product that also sandboxes attachments and URLs.
  • Bad senders must be blocked at the edge, before their email is accepted.
  • Stop email from public IPs without a pointer (PTR) DNS record.
  • Have more than one anti-virus engine scanning your inbound email.
  • Do not send marketing email from the same email system used for corporate email communication.
  • Tag or quarantine email containing URLs with a bad reputation.
  • At a minimum, protect your senior management and finance staff from being spoofed.
  • You must know who is allowed to spoof your domain, and restrict all others.
  • Have DKIM, SPF and DMARC records set up correctly.
  • Keep an eye on the reputation of your IP addresses and domain.
  • Perform IP warm-up before sending email from a new public IP.
  • Many email vendors (Cisco, Proofpoint and Microsoft) offer sandboxing solutions, so explore them based on your budget and requirements.
  • Keep a balance between security and business; never overdo security.
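
To make the SPF/DMARC and "restrict all others" points concrete, here is an added example (not part of the original article) that lints the TXT records a domain publishes and reports settings that leave it spoofable. The function names, the domain example.com and every record string are constructed for illustration; treating both "-all" and "~all" as restrictive is a choice made for this example.

```python
# Constructed sample TXT records for the placeholder domain example.com.
WEAK = {"spf": ["v=spf1 include:_spf.example.net ?all"],
        "dmarc": ["v=DMARC1; p=none"]}
STRICT = {"spf": ["v=spf1 ip4:192.0.2.10 include:_spf.example.net -all"],
          "dmarc": ["v=DMARC1; p=reject; rua=mailto:dmarc@example.com"]}

def lint_spf(txt_records):
    """Findings for the TXT records published at the domain itself."""
    recs = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if len(recs) != 1:
        return ["expected exactly one SPF record, found %d" % len(recs)]
    terms = recs[0].lower().split()[1:]
    all_terms = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not all_terms:
        if any(t.startswith("redirect=") for t in terms):
            return []  # policy lives in the redirect target; lint that record
        return ["no 'all' mechanism: unlisted senders get a neutral result"]
    # A bare "all" has the default qualifier "+", which passes every sender.
    qualifier = all_terms[0][0] if all_terms[0][0] in "+-~?" else "+"
    if qualifier in "+?":
        return ["'%s' does not restrict unlisted senders" % all_terms[0]]
    return []

def parse_tags(record):
    """Split 'tag=value; tag=value' into a dict with lowercase tag names."""
    pairs = (p.split("=", 1) for p in record.split(";") if "=" in p)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def lint_dmarc(txt_records):
    """Findings for the TXT records published at _dmarc.<domain>."""
    recs = [r for r in txt_records if r.strip().lower().startswith("v=dmarc1")]
    if len(recs) != 1:
        return ["expected exactly one DMARC record, found %d" % len(recs)]
    tags = parse_tags(recs[0])
    findings = []
    policy = tags.get("p", "").lower()
    if policy not in ("quarantine", "reject"):
        findings.append("p=%s: spoofed mail is still delivered" % (policy or "missing"))
    if policy != "none" and tags.get("sp", policy).lower() == "none":
        findings.append("sp=none: subdomains are not protected")
    if "rua" not in tags:
        findings.append("no rua: no aggregate reports on who sends as the domain")
    return findings

def audit(records):
    """Combine SPF and DMARC findings; an empty list means nothing was flagged."""
    return lint_spf(records["spf"]) + lint_dmarc(records["dmarc"])

if __name__ == "__main__":
    for name, recs in (("weak", WEAK), ("strict", STRICT)):
        print(name, audit(recs) or "no findings")
```

In practice, feed it the TXT answers for your domain and for _dmarc.<your domain> from your resolver of choice instead of the constructed samples.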

I will add more content to this article in the next few days.