Posts

Enemy at the Corporate Gate: Why Email Security is More Crucial Than Ever with Dell and SonicWall

Note: This is guest blog post by Bryan Chester, Vice President of North America Partner Software and Imaging Sales at Dell.

Email has long been acknowledged as a business critical application. However, it can expose your organization to devastating sabotage by offering hackers an easily accessible vehicle to exploit vulnerabilities in your organization’s network security.

There are a multitude of repercussions if email-based threats such as ransomware, phishing, or viruses make it into your email servers and users’ inboxes.  Given today’s complex threats, it is crucial that organizations deploy a multi-layered security solution that includes dedicated, leading edge email protection.

Even with the knowledge of that threat, it is becoming increasingly difficult to accurately detect all of the bad emails without creating a bottleneck and dampening your employee productivity. This is especially true for emails containing attachments.

So what can you do to protect your environment at an email level while not slowing down your critical business processes? Dell and SonicWall can help you answer that question.

SonicWall Email Security leverages multiple patented SonicWall threat detection techniques and a unique worldwide attack identification and monitoring network. This next-generation SonicWall Email Security solution protects your organization from today’s most advanced email threats.

SonicWall Email Security includes the cloud-based Capture ATP (Advanced Threat Protection) service that can scan a broad range of email attachment types, analyze them in a multi-engine sandbox, and block dangerous files or emails before they reach your network. Email Security with Capture ATP gives you a highly effective and responsive defense against email threats, all at a low TCO.

SonicWall Email Security features include:

  • Advanced Threat Protection: Integrates Capture cloud-based sandboxing technology for detection of zero-day threats such as ransomware, for fine-grained inspection of SMTP traffic
  • Next-generation Email Protection: Incorporates anti-spam, anti-virus and anti-spoofing functionalities to not only detect and prevent spam and other unwanted email, but also scan email messages and attachments for ransomware, Trojan horses, worms and other types of malicious content.
  • Improved Office 365 Support: Enhances security for multi-tenant environments by providing a method for ensured, mapped delivery of emails for SonicWall Hosted Email Security environments
  • Updated Line of Appliances: Refreshes SonicWall’s line of Email Security Appliances (hardware and virtual options), helping customers to better face threats delivered by email.
  • Encryption Protection: Supports not only SMTP Authentication, but also the encryption service feature enables any email containing protected data to be automatically encrypted, routed for approval or archived.
  • Policy and Compliance Management: Enables an administrator to enact policies that filter messages and their contents as they enter or exit the organization. This allows organizations to meet regulatory requirements based on government legislation, industry standards or corporate governance activities.
  • To learn more download the SonicWall Email Security 9.0 data sheet or view a live demo of the SonicWall Email Security Solution to see all of the latest enhancements.

Reach out to your Dell and SonicWall contacts today to learn more about how SonicWall Email Security can protect your organization by scanning all inbound and outbound email content and attachments for sensitive data, all while delivering real-time protection from spam, phishing, viruses, malicious URLs, spoofing, Denial of Service (DoS), and a myriad of other unknown and sometimes unimaginable attacks.

Securing Email in the Age of Ransomware and Phishing Attacks

Email security has become a big concern for organizations, thanks to phishing campaigns that deliver ransomware. Recently, there has been no shortage of notable cyber attacks. The Google Docs attack, Docusign phishing attackGannet phishing attack, and Jaff ransomware and its variants were all delivered through phishing emails.  Most recently, the WannaCry ransomware attack was spread through an SMB vulnerability.

According to a survey by the SANS institute, spear-phishing and whaling attacks are increasing dramatically. Spear phishing was identified as the second most significant type of attack (ransomware takes the honors for the top spot).  In the case of spear phishing attacks, cyber criminals are carrying out extensive social engineering activities to gather personal information and craft messages that appear from trusted sources to gain the victim’s confidence.

It is becoming increasingly difficult to accurately detect all bad emails, especially those containing attachments, without slowing down email to such an extent that it impacts employee productivity. In many cases, critical business communications need to be delivered promptly, without any delay or being lost in junk or spam folders. In addition, traditional signature-based technologies are proving to be ineffective in stopping phishing emails that contain malicious payloads such as zero-day/unknown malware and ransomware.

In today’s landscape, an effective email security solution should:

  • Align with and complement your network security solutions
  • Integrate with network sandboxing to scan all you SMTP traffic and email attachments
  • Provide granular administrative control over settings and must be able to set policies such as “Tag a subject line” or “Strip email attachment” in cases where communication is of the utmost importance
  • Feature anti-spoofing authentication mechanisms such as DKIM, SPF and DMARC, to protect against impostor emails
  • Offer encryption and data leakage prevention (DLP) capabilities for outbound protection

Email is the top attack vector, and most cyber attacks typically start with a phishing or spear phishing attack. Almost every organization has deployed some sort of email security solution. However, the threat landscape is constantly evolving and today’s advanced threats are designed to bypass traditional security techniques. Now is the right time to evaluate the currently deployed solution and analyze gaps in your security posture. To reduce risk exposure, email security must use a multi-layered approach. Read our solution brief to learn about the critical capabilities of next-generation email security here.

Wrapped Up a Winning Week at Dell EMC World 2017: SonicWall Helps Secure More. Fear Less.

We enjoyed a “winning” week engaging with our loyal customers and partners at Dell EMC World, attended by more than 12,000 IT professionals like you.

SonicWall had a strong and visible presence, with one key goal: to maintain and strengthen our ties with Dell and our mutual customers and partners.  This event affirmed how important Dell EMC customers and partners are to SonicWall, and how committed we are to helping you stay ahead of the cyber arms race.

The buzz of this year’s event was all around “Realize your Digital Future.”  We heard from many customers, partners and Dell executives that organizations are looking to digital transformation to drive IT innovation, enhance workforce mobility and reduce risk.  Throughout the event, attendees explored the exciting and innovative benefits that digital transformation will provide.

However, digital transformation also increases exposure to risks for your customer data, your reputation and your organization’s credibility.  It was clear from feedback at the event that the partnership and solutions from SonicWall and Dell EMC provide the perfect combination to keep you ahead of cybercriminals in the continually evolving cyber arms race.

In the SonicWall booth, we demonstrated how our solutions empower you to prevent breaches, stop phishing attacks, block ransomware, uncover SSL encrypted threats and identify compromised IoT devices.  Our kiosk demos included:

  • Our award-winning multi-engine sandbox, SonicWall Capture ATP, which can scan and block unknown files until a verdict can be reached in order to prevent zero-day and advanced threats.
  • SonicWall’s next-gen firewalls help prevent breaches caused by encrypted malware. Over 60% of today’s web traffic now uses SSL encryption, which can lead to under-the-radar hacks and expose your network to breaches. Most modern firewalls claim to decrypt and scan encrypted traffic, but not all perform well in the real world.
  • SonicWall Email Security with Capture, which can stop phishing and block ransomware in your email. Ransomware attacks have grown at a tremendous rate, with email as one of main attacks vectors.
  • Our latest Secure Mobile Access solutions, which let you define granular access policies, enforce multi-factor authentication and monitor all activities for compliance. SonicWall’s access security and network segmentation delivers the right level of access to your mobile workers and reduces the threat surface.
  • The integration of Dell EMC X-Series switches with SonicWall to extend your network infrastructure securely and centrally manage switches, firewalls and wireless access devices.

Our goal at SonicWall is to help you stay protected and ahead of today’s ever-changing cyber attacks. We do this with the intelligence of our advanced global GRID Network, the unique integration of our award-winning Capture capabilities with our Email Security solutions, and our IoT security solutions. SonicWall lets you protect your enterprise while you drive business productivity, with next-gen firewalls, access security, and email security solutions. We look forward to continuing the momentum of Dell EMC World to give you the power to secure more and fear less.

DPI-SSL: What Keeps You Up at Night? Protect More. Fear Less.

If you have been in this industry for more than a few years, you have probably heard the sales pitch, “What keeps you up at night?” It’s a typical sales tactic to elicit an emotional response to threats that seem to be out of your control. It’s designed to draw you out, start a conversation, and ultimately, prey on your fears.

We have enough security issues to concentrate on without having to prey on fears.  That is one of the reasons I never liked this sales pitch. I have always felt it is better to address the challenges facing network security and do what we can to face those threats.

Growing up in Santa Cruz California, I learned to swim in the ocean with some pretty scary waves.  If you did not see a wave coming, you would get swamped by the wave.  But if you faced the wave and dove under it, the threat was mitigated.  If we do not see the threats in network security, we too can be swamped. For this same reason, we must look into encrypted packets to mitigate those threats.  We cannot face what we do not see.

The SonicWall 2017 Annual Threat Report shows that over half the mechanisms delivering malware utilized encryption to mask the threats.  The threat actors who create malware know that if they encrypt their payload, the odds of end system infection are very high while intrusion detection is low.  As far as effort to create an encrypted session than a standard, plain-text session, is minimal.  So, there is little extra work to create encrypted payloads while the reward is large.

In the last few months, there have been some tests and claims from well-respected Web Browser vendors making the claim that Security Devices doing Deep Packet Inspection (DPI) of encrypted packets weaken security. Their testing showed that many security product vendors deploying ‘Man in The Middle’ tactics to de-crypt and re-encrypt packets for the inspection, re-encrypted with a lower quality of encryption.  This effectively did weaken security, and by doing so, drew the conclusion that security devices performing DPI-SSL weaken your protection.

This position is understandable, however, SonicWall takes this opportunity to actually increase security by hardening HTTPS encryption when weaker cyphers or invalid certificates are presented.

Workstations and end systems do a very good job of updating browsers, checking for revoked certificates and supporting strong encryption methods. But there are many times in which we find the same is not true for hosted sites that contain many servers but have limited IT resources. Encryption methods get depreciated, but these often to not get updated and within the server negotiation of Transportation Layer Security (TLS) session, older and outdated methods still exist today. Secure Sockets Layer 1, 2 and 3 protocols are no longer recommended for sensitive data and should not be used.

The SonicWall next-generation firewall can detect when a server is presenting these weak encryption methods and block session initiation. Of course, there are times when this is not desirable. In that case, we also have the ability to let these connections establish. When I am confronted with incidents where TLS is not supported from a host that contains sensitive data, I have been successful in reaching out to that organization and letting them know they are not complying with Transport Layer best practices.

When networks are breached, sometimes the only time you find out is when these compromised devices “phone home.”  In doing so they will use encryption.  Trojans, malware, and botnets leverage Command and Control Centers for updates and orders.  They use non-standard ports and are not typically web connections. SonicWall is not dependent on port numbers or browsers but all ports. Every packet in each direction is inspected, securing your network.

The next time someone comes into your office and asks you, “What keeps you up at night,” don’t fall into this fear trap.  With SonicWall, sleep sound.  Protect More and Fear Less.

SonicWall Email Security 8.3 Delivers New Spam Detection and Authentication

Summertime means different things to different people. Whether it be kids enjoying time off from school, or parents taking long family vacations, summertime gives everyone an opportunity to re-energize and re-focus.

Everyone that is, including hackers.

Threats to your infrastructure don’t take a vacation, and if you’re entrusted with securing your organization email, it’s important to not leave your guard down during these warm summer days.

SonicWall Email Security solutions continuously protects your email infrastructure from ever-increasing threats including spam, phishing attacks, and malware. And, now you can rest even further knowing that the protection provided by SonicWall Email Security has been improved once again. Our latest release, Email Security 8.3, delivers more effective protection against emerging threats, through the following key features:

  • New Spam-Detection Engine – utilizes both a retrained Adversarial Bayesian model, as well as a new machine learning model which leverages a Support Vector Machine approach
  • SMTP Authentication – if you’re concerned about preventing unauthorized users on your infrastructure, new SMTP authentication requires a user to authenticate prior to sending outbound emails

Additionally, SonicWall Email Security solutions continue leveraging a robust architecture to deliver superior protection with the following features:

  • Multi-Layer Protection – proven, patented, email scanning technologies deliver superior real-time protection
  • Automated Management and Reporting ““ minimize required administration time
  • Compliance & Encryption Management – protect against confidential data leaks and compliance violations
  • Flexible Deployment Options – to best meet business infrastructure requirements, including on-Premise, Virtual, and Cloud-based
  • Scalable – ability to configure for growth and redundancy, allows your infrastructure to grow as required without requiring large upfront costs
  • Multi-Tenancy – enables MSPs to provision and manage email security services for multiple customers

SonicWall System Architecture

Graphic of SonicWall's System Architecture of Email Security 8.3

SonicWall Email Security provides the comprehensive protection needed, so maybe you too can enjoy your summer!

SonicWall Email Security 8.3 is available today for download for those with a valid license. For more information please contact your preferred reseller, reach us directly at 888.557.6642 or sales@sonicwall.com, or visit us for product detail here.

How to Enforce Email Compliance and Encryption to Satisfy Users

If you’re like the majority of internet users, you mostly access the internet from your mobile devices. And by the way, so do your customers. In fact, 2014 was the year that mobile traffic exceeded legacy PC traffic on the internet. Business success, now more than ever, requires that you provide a great, mobile user experience, Email continues to be a key communication tool for business. Although email communication has been a primary application for mobile devices for many years, secure email exchange, ensuring email is encrypted to protect sensitive data and to comply with industry and regulatory requirements, is typically optimized for a legacy PC user experience.

With the widespread use of smartphones and tablets in business today, email encryption solutions must provide a seamless user experience across all devices. Unfortunately, many legacy solutions and services were not designed to function well on these devices, leaving users frustrated or unable to access or manage encrypted messages and files on their smartphones and tablets. If your business is subject to industry compliance or regulatory compliance to protect sensitive data, or if you’re concerned about protecting company intellectual property, it’s increasingly important to deploy an email encryption service designed and optimized for use with mobile devices that provides the seamless user experience subscribers and recipients want and need.

If you’re interested in learning more about requirements for protecting sensitive data, including how to ensure the secure exchange of email containing sensitive customer data – and simplify compliance in the process.

Read this white paper for details about achieving regulatory and industry compliance when moving:

  • PII (Personally Identifiable Information)
  • PHI (Protected Health Information)
  • Proprietary data
  • Any other types of sensitive information

You’ll get a side-by-side look at specific HIPAA/HITECH and PCI-DSS compliance regulations, and how the SonicWall Email Encryption service helps you meet each of them, and provides a great user experience for both legacy PC and mobile users.

Secure Email Data for HIPAA Compliance: Protect Your Business

Protecting sensitive or confidential data is not just good business. For some, it’s legally required and subject to audit. For example, HIPAA regulations require organizations to take reasonable steps to ensure the confidentiality of all communications that contain patient or customer information. Health service providers and their business associates and contractors who touch or handle Protected Health Information (PHI) are subject to these rules.

Organizations such as physician’s offices, hospitals, health plans, self-insured employers, public health authorities, life insurers, clearinghouses, billing agencies, information systems vendors, service organizations, and universities could all be considered covered entities and/or business associates or their subcontractors. In addition, mandatory reporting is required for HIPAA violations, even when the data is lost by a third party.

This increases the need for subcontractors to implement the same level of security typically found in larger organizations. The penalties for failure to conform to HIPAA regulations go far beyond the hundreds of thousands of dollars in fines. They include public humiliation, loss of reputation, brand damage, class-action lawsuits, and yes, even prison. But there are practical ways to avoid these penalties.

Here are some methods to secure your moving data:

1. Do an assessment.

If you do nothing else, at least do an assessment of where your PHI resides, how you get it and where you send it. Knowing where the data is that you need to protect, and how it travels, is the first step.

2. Add layers of security in case people make mistakes.

One of the most common causes of any kind of security breach is human error. Whether conscious, accidental, or simply due to laziness, human error can result in Personally Identifiable Information (PII) or Protected Health Information (PHI) being sent over the Internet as unencrypted text unless content filters are put in place to detect these messages and encode or reroute them safely. You need to:

  • Install smart filters that analyze both the email and its attachments
  • Correlate fields in both documents and attempt to match them to known patient databases
  • Encrypt messages before they’re sent over the Internet

3. Make sure the boundaries between systems are secure.

Communication security breaches commonly occur when data is transferred between two or more systems. It can happen whenever data is transferred between:

  • People within your organization’s firewall
  • People inside and outside your organization’s firewall
  • Your employees and your business associates (and their subcontractors)
  • Your employees and your customers/ patients
  • Two different systems

Whenever information passes between systems and people, the data needs to be secured at all times, even when in transit. You must also ensure the data that is sent to people outside your firewall is always sent in encrypted format, so that no one but its intended recipients can read it.

4. Make sure your internal communications are secure.

Employees who work from home present HIPAA boundary issues. It is critical that they securely transfer data from work to their home computers. Even though your business information will remain within your company it must still pass across the Internet securely. To prevent a mistake that compromises protected information, provide email encryption to any employee with access to PHI.

5. Make sure your business associate and subcontractor communications are secure.

Another boundary issue arises when employees interact with external business associates and subcontractors. It’s likely that they must regularly transfer sensitive information with these external contacts. And they may use different email systems than those in your office. Often, client or patient PII and/or PHI needs to be sent via email. Be sure to secure these emails with encryption that works with many different systems and devices, including mobile devices i.e., smartphones and tablets. Healthcare related institutions must use solutions that make it possible to communicate with anyone, anytime, anywhere, no matter what email system or device the other party uses. Likewise, you must demand the ability to securely transfer large files with all these same people.

6. Make sure your communications with telecommuters are secure.

Employees who telecommute comprise another set of boundary issues.

More medical professionals are working from home and often need to transfer large, important and time-sensitive files such as x-rays or mammograms as attachments through your email system. Because the files can be so large, they have the potential to bring your email system to a standstill.

Not only do you need to exchange these files securely, you need to send them in a way that does not overload or crash your email system. So you either must find the time, the budget, and the resources to set up file transfer sites for these large files or you can use encrypted email with a secure large file attachment capability. Either way, you must make absolutely sure that they comply with encryption guidelines.

7. Make sure when your patients communicate with you, everything they do is secure.

Your patients must often submit forms, ask questions of specific people and departments, or submit follow -up information about an ongoing illness or other matter. These communications often contain PHI. Until recently, these needs were served by paper-based processes, but now can be handled through secure electronic forms on your website. But how do you ensure that this data reaches the right department or employee to process it? And can this data be integrated into existing knowledge worker software to track its status? If the request contains sensitive information, is it received from the patient in a secure manner, or did the method of collecting data cause a privacy violation? And if any follow up is needed with the patient, can this be sent securely? With a messaging system in place that provides secure inbound and outbound service, uses email encryption and secure electronic forms, and provides workflow integration, you can streamline your operations and cost-effectively serve patients.

8. Make it easy to transfer even very large files securely.

FTP, or file transfer protocol, is the standard way to transfer files across the Internet. However, it transmits user login credentials and the contents of files in an unencrypted manner. So this is not the secure method needed for transferring. You need a secure messaging system that automatically routes large files, alerts the recipient that they are available, and that tells you when they’ve been opened and by whom.

9. Make sure you can demonstrate that your system is secure.

After an email message is sent, how do you know what happened to it? Did its intended recipient open it? Were its attachments opened? Is there proof that the message was received and was read? Should a question arise about who viewed a message or its attachments, can you prove who read them to an auditor? It’s increasingly obvious that a secure messaging system must be trackable and auditable. To make this possible, messages and their attachments, their metadata and the fingerprinting data must be both viewable and traceable. The fingerprint data must record permanently the IP addresses of the recipient’s computers, and the system’s time must be synchronized with an atomic clock so that message times are never a point of dispute. Such a system would allow your administrators and, if necessary, auditors to easily review and sort through volumes of message information, and quickly retrieve a particular message, as well as all the tracking and fingerprint information associated with it.

If you’re interested in learning more about requirements for protecting sensitive data, including how to ensure the secure exchange of email containing sensitive customer data and simplify compliance in the process.

Read this white paper for details about achieving regulatory and industry compliance when moving:

  • PII
  • PHI
  • Proprietary data
  • Any other types of sensitive information

You’ll get a side-by-side look at specific HIPAA/HITECH and PCI-DSS compliance regulations, and how the  SonicWall Email Encryption service helps you meet each of them.