Posts

Workplace Cybersecurity Is Everyone’s Responsibility

The cyberthreat landscape is changing. An increasing number of cyberattacks are executed using sophisticated tactics. Earlier this year, SonicWall warned that malware volume increased 102 percent in the first half of 2018 compared to that of 2017.

The report also notes a significant increase in cyberattacks that leverage new variants of malware, including ransomware and encrypted threats. Further, attacks are becoming highly targeted, for example baseStriker and PhishPoint target Office 365 users.

Attackers are evolving to take advantage of workplace technology trends, including the cloud and BYOD. These trends empower workforces to be mobile and productive as demanded by today’s 24/7 hyper-connected reality. Unfortunately, these behavior changes are significantly expanding the attack surface area for cybercriminals to exploit.

“Attackers are evolving their tactics to take advantage of workplace technology trends, including the cloud and BYOD.”

Today, network security means more than just safeguarding data, applications and infrastructure. Employees are not only resources that need protection, but also weaknesses or valuable assets for a stronger cybersecurity posture.

It is, of course, essential for organizations to have necessary security in place to monitor and protect attack surface areas. But no security product can be a silver bullet to stop all cyberattacks. It is necessary to educate and empower the last and most crucial line of defense: your employees.

Build a Culture of Cybersecurity Awareness

Employees are a key resource for an organization. As driving revenue is the primary objective, safeguarding the organization must also become one of the main responsibilities for employees. With the right frameworks and security awareness training programs in place, they can also be an effective layer of defense — a human firewall.

By extending these responsibilities to all employees, organizations can prevent sophisticated cyberattacks, saving the organization from financial, legal and reputation damages.

Creating cybersecurity awareness and training programs must include what employees must be aware of, what they need to watch out for, what best practices should be leveraged and how to follow them. It also must be easy to report security incidents. These programs must be delivered efficiently, measured and be easy to use.

Since the cyber threat landscape is evolving, the “human firewall” needs continuous signature/intelligence updates in terms of the new threats and how to identify and stop them. This is modern cybersecurity awareness.

Stop the No. 1 Cyberattack Vector: Email

But cybercriminals also know to target the human element to execute attacks. Email is the No. 1 threat vector used by cybercriminals today; more than 90 percent of attacks start with a phishing campaign.

Modern phishing tactics can trick even the savviest users. Attacks that use fake login pages, impersonation and business email compromise (BEC) are difficult to detect and block as these emails do not contain malware.

Organizations would benefit from taking a human-centric approach to email security and include user training and awareness to spot and avoid clicking on phishing email threats. Organizations should train employees to:

Embrace security as one of their key responsibilities. Beware of sudden changes in business practices. For example, email requests for transfers of funds.
Treat any suspicious email with caution. Review the signature and legitimacy of the request.
Look at domain names from suspicious emails. Confirm requests for transfers of funds or confidential information, such as W-2 records.
Exercise extra caution if an email is from a free, web-based account. Do not use the “Reply” option to respond to any business emails. Instead, use the “Forward” option and either type in the correct email address or select it from the email address book to ensure the intended recipient’s correct email address is used.
Check for spelling mistakes and grammatical errors.

Spot Sophisticated Phishing Attacks

Want to brush up on your ability to spot a phishing attack? Take SonicWall’s quick Phishing IQ test or download our exclusive brief, “How to Stop Email Spoofing.”

Monitor and Manage Shadow IT

According to Gartner, by 2020 one-third of security breaches will be the result of shadow IT. The ease of SaaS adoption and deployment leads to the following problems:

  • Losing control over sensitive corporate data traversing through public or hybrid clouds and data centers introduces new risks such as unauthorized access, malware propagation, data leakage and non-compliance.
  • Balancing security budgets, shadow IT practices and employee productivity.

To address the above challenges, IT administrators need Cloud Access Security Broker (CASB) solutions to provide visibility for what applications are being used and where. This will help them better understand the overall risk posture.

To mitigate the risks of shadow IT and embrace productivity, both organizations and employees must understand the agreement on what constitutes a legitimate application allowed for official use. Employees must be trained to use judgement so that they do not upload sensitive or confidential data into cloud-based applications.

Protect Endpoints, Especially When Outside the Perimeter

Workforces today rely on the same device for business and personal use, resulting in intermingling of business and personal data and applications. This creates an increased risk of security breaches for organizations, including:

  • Unauthorized users gaining access to company data and applications
  • Malware-infected devices acting as conduits to infect company systems
  • Interception of company data in transit on unsecured public Wi-Fi networks
  • Compliance with audit and regulatory requirements
  • Loss of business data stored on devices if rogue personal apps or unauthorized users gain access to data

To ensure proper safety, employees must be educated on the risks an endpoint poses to an organization, especially when those devices are frequently used from home, mobile or public networks. This can start with the basics such as:

  • Lock mobile devices when not in use.
  • Don’t use USB drives you don’t trust.
  • Update all software, operating systems and malware signatures.
  • Use secure VPN connections when accessing corporate resources over unsecured networks.
  • Install next-generation anti-virus (NGAV) to stop the latest threats.

Cybersecurity: Our Shared Responsibility

As cyberattacks evolve, organizations need to take a human-centric approach to security. Cybersecurity is everyone’s job. It’s a shared responsibility. It’s critical that structures, guidelines and processes are in place to make employees care and be responsible to remain safe online while at work.

Organizations will greatly benefit by incorporating user awareness and training programs to educate and empower employees who will form a critical line of defense. Cybersecurity is never finished. Make it core to company culture.


About Cybersecurity Awareness Month

The 15th annual National Cybersecurity Awareness Month (NCSAM) highlights user awareness among consumers, students/academia and business. NCSAM 2018 addresses specific challenges and identifies opportunities for behavioral change. It aims to remind everyone that protecting the internet is “Our Shared Responsibility.”

In addition, NCSAM 2018 will shine a spotlight on the critical need to build a strong, cyber secure workforce to help ensure families, communities, businesses and the country’s infrastructure are better protected through four key themes:

  • Oct. 1-5: Make Your Home a Haven for Online Safety
  • Oct. 8-12: Millions of Rewarding Jobs: Educating for a Career in Cybersecurity
  • Oct. 15-19: It’s Everyone’s Job to Ensure Online Safety at Work
  • Oct. 22-26: Safeguarding the Nation’s Critical Infrastructure

Learn more at StaySafeOnline.org.

Top 7 Cybersecurity Tips Anyone Can Use at Home

Cybersecurity is not just a topic for enterprises, businesses and government agencies. Home users are just as vulnerable to malicious cyberattacks. As October is National Cyber Security Awareness Month (NSCAM), it’s important that home users are routinely educated about online safety. To help, we’ve compiled a list of our top seven cybersecurity tips that anybody can apply in their home.

  1. Password Use

    Passwords are your first line of defense online and yet it is the first area where many of us fail. Who hasn’t written a password down on a Post-it note at some point? Here are the basic dos and don’ts of password usage:

    • Do not use the same password across multiple accounts. (We know you do this. Stop it. Now.)
    • Do use strong passwords. Password123 is not a good password. Neither is monkey. Or your cat’s name. In fact, don’t use any of these Top 100 Passwords.
    • Do not share your passwords.
    • Do use a password manager.
    • Do change default passwords. Many smart devices that connect to your network, such as baby monitors, printers or thermostats, may have default passwords.
  1. Safe Online Shopping
    Who doesn’t love to shop from the comfort of their own home? In a couple of clicks you can compare products and prices from multiple retailers, have products delivered to your home in a matter of hours and you can do all this while wearing your pajamas.Here’s how you can safe while shopping online:

    • Look for the padlock or https: Reputable websites use technologies such as SSL (Secure Sockets Layer) that encrypt data during transmission. Look for the little padlock in the address bar or a URL that starts with “https” instead of “http,” as the “s” stands for “secure.”
    • When shopping on online marketplaces like eBay, be sure to check seller reviews and reputation level before deciding to buy a product. New accounts or accounts with comments accusing the seller of being a scammer or posting fraudulent listings should be red flags.
    • Avoid shopping while using public computers or public Wi-Fi.
    • Use a credit card or payment option with online fraud protection.
  1. Recognizing Phishing Emails
    Phishing emails look like legitimate company emails and are designed to steal your information. They usually contain a link to a website that will ask for your login credentials, personal information or financial details. These websites are clever fakes designed to take your information and pass it back to the cybercrooks behind the scam.

    In general, if you are not expecting an email from that company, you should be suspicious. Other tell-tale signs of phishing emails are as follows:

    • The email is not addressed to your full name. It will use generic terms like “Dear Customer.”
    • The email contains grammatical or spelling errors.
    • The email asks for personal information.
    • The email contains urgent or threatening language.

    If you think you have received a phishing email, do not click on any links or open any attachments. To be sure, log directly into your relevant account to check for updates or messages or contact the company directly through their website.

    Take our Phishing Quiz to see if you are able to identify phishing emails.

  1. Check Your Financial Statements
    Be sure to monitor your bank accounts and credit card statements for suspicious activity on a weekly basis. If you spot something unfamiliar or see transactions that you are not aware of, it could be a sign that you are compromised.

    Report potential fraud to your bank as soon as possible by calling your bank directly and asking to be connected to the fraud department.

  1. Ransomware 101
    Do you have files on your computer that you care about? Maybe your photos from the last five years? An extensive music library? Copies of resumes, address books, course work or other documentation?

    Do you have a backup of all of that data? You should.

    Ransomware is a type of malware that infects your computer, locking files or restricting your access to the infected systems. Ransomware attacks attempt to extort money by displaying an alert to victims, typically demanding that a ransom be paid in order to restore access to your system or files.

    It’s not just businesses that are targeted by ransomware creators. In fact, home users are often an easier target as most have no data backups, a lack of awareness and little to no cyber security education.

    It all happens in a matter of seconds. You’ve clicked a link in an email or downloaded a malicious document. In a few seconds, all their data will be encrypted and they’ll have just a few days to pay hundreds of dollars to get it back. Unless you have a backup.

    So, how can you protect yourself against ransomware attacks? Here are our top 5 tips:

    • Don’t store important data only on your PC.
    • Have one or two different backups of your data. Use an external hard drive or a cloud offering.
    • Keep your operating system, virus protection and software up to date, including the latest security updates.
    • Don’t open attachments or click on links in suspicious emails. Even if you know the sender, if it doesn’t feel right, delete it.
    • Consider using an ad-blocker to avoid the threat of malicious ads.
  1. Wi-Fi Usage
    Stay safe on public Wi-Fi. In general, don’t interact with websites that require your financial or personal details while you are using public Wi-Fi. Those activities are best kept on secure home networks.
    If you are using public Wi-Fi, avoid unsecured Wi-Fi signals and, where possible, connect using a virtual private network (VPN)
  1. Stop Clicking. (or Recognizing Common Scams.)
    Did you receive an email from your bank asking you to log in and provide your Social Security number or date of birth in order to resolve an issue on your account? Don’t click it.

    PayPal emailed you warning that your account was suspended temporarily and provided you a link to update your account details? Don’t click it.

    Yay! Someone sent you a gift card out of the blue! Just log in to redeem it! Don’t click it.

    There are a lot of scams out there. But you don’t need to live in fear online as many of them follow a similar pattern and can be avoided with a few safe practices. In general, if someone is offering you something for free, you should approach with suspicion and caution. For your financial or commercial accounts, do not click on links in emails, instead go to the official website and log in directly to your account to check for updates.

    And check out the FBI’s list of Common Fraud Schemes.

About Cybersecurity Awareness Month

The 15th annual National Cybersecurity Awareness Month (NCSAM) highlights user awareness among consumers, students/academia and business. NCSAM 2018 addresses specific challenges and identifies opportunities for behavioral change. It aims to remind everyone that protecting the internet is “Our Shared Responsibility.”

In addition, NCSAM 2018 will shine a spotlight on the critical need to build a strong, cyber secure workforce to help ensure families, communities, businesses and the country’s infrastructure are better protected through four key themes:

  • Oct 1-5: Make Your Home a Haven for Online Safety
  • Oct 8-12: Millions of Rewarding Jobs: Educating for a Career in Cybersecurity
  • Oct 15-19: It’s Everyone’s Job to Ensure Online Safety at Work
  • Oct 22-26: Safeguarding the Nation’s Critical Infrastructure

Learn more at StaySafeOnline.org.

Infographic: Ransomware’s Devastating Impact on Real-World Businesses

Still relatively new to the cyber threat landscape, ransomware continues to be one of the high-profile malware types that grab headlines. It’s one part Hollywood-style drama mixed with the “mystery” of cryptocurrencies and the seemingly personal nature of ransomware attacks.

But it’s not hyperbole. Ransomware remains one of the most malicious cyberattacks that can cripple a business. SonicWall’s new infographic highlights composite data that demonstrates how ransomware impacts businesses’ ability to operate.

So, how do you prevent your organization from being severely disrupted by ransomware? The best approach is to use multiple layers that deliver automated, real-time breach detection and prevention. While this isn’t an exhaustive list of all security options, these cornerstone tactics will mitigate most of today’s most malicious cyberattacks, including ransomware.

How to Block Ransomware

Businesses have no choice but to proactively mitigate ransomware attacks. But is there a proven approach that can cost-effectively scale across networks and endpoints? Four key security capabilities make full ransomware protection possible.

  1. Next-Generation Firewall

    Detect and prevent cyberattacks with power, speed and precision.
    Next-generation firewalls (NGFW) are one of your first lines of defense against hackers, cybercriminals and threat actors.

    For example, SonicWall firewalls deliver real-time, cloud-based threat prevention, while augmenting the security from on-box deep packet inspection of SSL traffic (DPI-SSL). And all new SonicWall firewalls integrate with our award-winning network sandbox for advanced threat protection.

  2. Network Sandbox

    Identify and stop unknown attacks in real time.
    A network sandbox is an isolated environment on the firewallthat runs files to monitor their behavior. SonicWall Capture Advanced Threat Protection (ATP) is a multi-engine sandbox service that holds suspicious files at the gateway until a verdict can be achieved.

    Capture ATP also features Real-Time Deep Memory InspectionTM (RTDMI). RTDMI is a memory-based malware analysis engine that catches more malware, and faster, than behavior-based sandboxing methods. It also delivers a lower false-positive rate to improve security and the end-user experience.

  3. Email Security

    Filter email-borne attacks before they hit your network.
    Secure email solutions deliver comprehensive inbound and outbound protection from advanced cyberattacks, including ransomware, phishing, business email compromise (BEC), spoofing, spam and viruses. Proven solutions will be available in on-premise email security appliances and hosted secure email.

    SonicWall Email Security also integrates with Capture ATP to protect email from advanced threats, such as ransomware and zero-day malware.

  4. Advanced Endpoint Client Security

    Block ransomware before it compromises user devices.
    Traditional antivirus (AV) has been trusted for years to protect computers. This was a sound approach when the total number of signatures required numbered in the hundreds of thousands. Today, millions of new forms of malware are discovered each month.

    To protect endpoints from this endless onslaught of malware attacks, SonicWall recommends using a next-generation antivirus (NGAV) solution that can monitor the behavior of a system to look for malicious activities, such as the unauthorized encryption of your files.

    For example, SonicWall Capture Client delivers advanced malware protection and additional security capabilities for SonicWall firewall

Ransomware remains one of the most damaging cyberattacks to businesses. Follow these four ransomware protection best practices to help ensure ransomware does not impact your ability to operate.

Advancing Beyond Hygiene to Next-Gen Email Protection Services

This story originally appeared on MSSP Alert and was republished with permission.


Most of us have a love-hate relationship with email. It’s been around for what seems like forever and while new channels of communication like Slack are making inroads, email is still the primary means of communicating in most organizations.

Since it is so ubiquitous, we know it will be a primary target of malicious attackers. Because of the attack surface area, attackers have been targeting email as a point of entry into organizations for over a decade. Most companies have responded with some form of email security solution. However, there seems to be a disconnect in outcomes versus goals in the industry.

For instance, 90 percent of current attacks against organizations use spear phishing as the primary means of breaching those organizations, yet most people would say they have email security in place.

Preventing Spam is Only the First Step

The major problem we are having as a security industry is that most people believe they have “security” for their email systems, but what they really have is hygiene. Email hygiene can be defined as “the process of keeping the inbox clean by keeping spam and unwanted advertisements away.”

It’s easy to think that hygiene is security because when email was new, spam was the major source of annoyance and security breaches — we’ve all dealt with Nigerian prince scams.

According to a recent FBI Public Service Announcement, business email compromise is a $12 billion problem today. Anti-malware and anti-spam are hygiene tools provided for free by cloud service providers, such as O365 and G Suite, as part of their mailbox functionality, but these tools do not stop evolving, sophisticated attacks.

Unfortunately, security industry nomenclature to customers hasn’t changed. The consequence has been continual breaches in organizations that believe they have security in place, but the reality is the hygiene solutions they have in place aren’t up to the task of stopping advanced email penetration techniques.

We need to move our language more toward discussing hygiene solutions and advanced email security solutions. What customers need isn’t email security (aka hygiene) but next-generation email security focused on identifying advanced threats. A next-gen email security solution should include:

  • Targeted phishing and email fraud protection
  • Unknown threat detection capabilities beyond just a “sandbox”
  • Compatibility beyond on-premises email server to O365, Gmail, etc.
  • Outbound protection to minimize potential data leakage
  • Hygiene capabilities as needed

Next-Gen Email Security Opportunity

While education is required, customers are starting to realize the need to supplement the native security functionalities with dedicated advanced threat protection (ATP) capabilities.

Gartner says over 50 percent of customers will look for dedicated security tools. MSSPs should look to provide a next-gen email security solution to their customers. This not only solves a real customer problem, but can also:

  • Increase your monthly recurring revenue with a next-gen email security solution as an additional value-added service for your customer
  • Lower analyst workload by blocking threats proactively
  • Enable better translation to real business impact – email addresses are associated with real people in the business rather than just an IP address
  • Reduce risk of liability – if customers are better protected, the chance of a significant breach is lower
  • Ride on the Microsoft Office 365 wave

The transition to Microsoft Office 365 (O365) is interesting as it both presents an opportunity and creates additional fear, uncertainty and doubt in the market. Businesses realize the benefits of moving their IT to the cloud (lower total cost of ownership, easier management, etc.) and email Exchange server was one of the first to move to the cloud.

However, O365 customers are often unsure of the level of security they get. An SMB customer typically evaluates the two Exchange Online Protect plans (EOP 1 and EOP 2). Let’s see what the customer is paying for:

  • In EOP 1, for $4/user/month, customers get the mailbox functionality and known malware protection included with anti-spam and anti-virus. Customer must upgrade to EOP 2 plan at $8/user/month for the addition of DLP functionality.
  • What’s not included is the ATP sandbox. If a customer wants that protection against today’s advanced threats, he needs to pay an additional $2/user/month for the add-on service.

Powering Your Advanced Email Protection Service with SonicWall

This opportunity is ripe, so it’s important that you not only find an effective technology, but a partner that will help you enable your service quickly. To protect against today’s advanced threats, SonicWall’s award-winning solution provides a multi-layered defense mechanism:

  • A multi-engine sandbox to catch the most evasive of malware. Our sandbox supports and scans extensive file attachment types and can scan over 70 percent of the files in under five seconds.
  • To stop spoofing attacks, business email compromise and email fraud, powerful email authentication, including SPF, DKIM and DMARC, is automatically included.
  • In-house anti-phishing, anti-spam and multiple anti-virus technologies protect against known threats.
  • Real-time threat intelligence feeds powered by Capture Labs that include signatures of newly found threats and IP based reputation for URL filtering.

Purpose-Built for MSSPs

The SonicWall secure email platform is built with MSSPs in mind to not only reduce the cost of management, but to ensure your brand is at the forefront:

  • Multi-tenant platform with flexible deployment options – hardware, software, virtual and cloud
  • Customizable branded experience
  • Integration with restful APIs and syslog alerting
  • Built-in O365 integration

The SonicWall SecureFirst MSSP program will help you implement the email security solution quickly, reduce time to market and take advantage of this great market opportunity. Some of what the MSSP program includes:

  • Service description templates
  • MSS pricing option
  • MSS specific setup and operation guides

MSSPs have a major opportunity here to educate their market on the differences between hygiene and security. And SonicWall’s MSSPs are doing exactly that.

A case in point: According to Erich Berger of Secure Designs Inc., a SonicWall SecureFirst MSSP Partner: “Within an hour of being installed it saved one particular customer from an Emotet infostealer malware variant.”

SonicWall Email Security Wins Coveted 2018 CRN Annual Report Card (ARC) Award

Once again, SonicWall Email Security has been recognized at the top of its class for protecting the No. 1 threat vector: email. The solution was named the overall winner by sweeping the 2018 CRN Annual Report Card (ARC) email security category.

The solution has won three prestigious security awards to date in 2018. This is a testament toward the innovation and effort the SonicWall team has invested the last 18 months in key focus areas: advanced threat protection, administrative ease, product support and channel enablement.

“An ARC award is one of the industry’s most prestigious honors. It symbolizes a vendor’s dedication to delivering high quality and innovative product and program offerings to their channel partners,” said Bob Skelley, CEO, The Channel Company. “CRN’s Annual Report Card provides solution providers with the rare opportunity to offer their invaluable insight on vendors’ products and services, as well as their partner programs. As a result, the technology suppliers are equipped with actionable feedback to bolster their efforts to remain the best-of-the-best.”

The Annual Report Card summarizes results from a comprehensive survey that details solution provider satisfaction across product innovation, support and partnership for hardware, services and software vendors. The vendors with the highest ratings are named to the prestigious Annual Report Card list of winners and celebrated as best-in-class by their partners.

The results also provide the IT vendor community with valuable feedback — directly from their solution providers — that can be used to refine product offerings, enhance support and improve communication with partners.

This year’s group of honorees was selected from the results of an in-depth, invitation-only survey by The Channel Company’s research team. More than 3,000 solution providers were asked to evaluate their satisfaction with more than 65 vendor partners in 24 major product categories.

SonicWall Email Security is a multi-layer solution that protects organizations against advanced email threats such as targeted phishing attacks, ransomware and business email compromise. The key capabilities include:

  • Real-time threat intelligence feeds from over 1 million security sensors deployed globally and delivered through the SonicWall Capture Cloud Platform.
  • Dynamic scanning of suspicious email attachments and embedded URLs using the award-winning, multi-engine SonicWall Capture Advanced Threat Protection (ATP) sandbox service with Real-Time Deep Memory Inspection (RTDMITM).
  • Anti-phishing technology uses a combination of methodologies such as machine learning, heuristics, reputation and content analysis.
  • Powerful antispam and antivirus engines to protect against known malware and spam.

The solution can be deployed as hardened physical appliances, robust virtual appliances or a resilient cloud email security service. And whether an organization uses on-premises email servers or cloud services, such as Microsoft Office 365 or Google G Suite, SonicWall’s solution delivers best-in-class threat protection through seamless and simple integrations.

Given that email continues to be a top attack vector in the cyber arms race, SonicWall is committed to enhancing the solution to better protect its users from advanced email threats.

The 2018 Annual Report Card results can be viewed online at www.crn.com/arc.

Report: Low Confidence in Stopping Business Email Compromise (BEC), CEO Fraud

Email is the primary tool for business communications and it’s used across the globe by organizations of all sizes. So, it’s no surprise that email is also today’s No. 1 threat vector for cyberattacks.

The cyber threat landscape has evolved to a great extent. Today, email attacks are highly targeted and cybercriminals engage in extensive social engineering activities to learn information about their targets in order to craft personalized emails.

Such targeted and sophisticated phishing attacks have a higher success rate than mass campaigns. Users implicitly trust a familiar name or email with personal information. These email may contain malicious attachments, weaponized URLs to deliver malicious payloads, phishing websites with fake login pages to steal login credentials, or malware-less email that seeks confidential information or a wire transfer.

With the changing threat landscape, coupled with the lack of human and financial resources to keep pace, organizations find themselves as susceptible targets for email-based attacks, such as spear-phishing and CEO fraud/business email compromise (BEC).

To that end, SonicWall recently worked with the Osterman Research and surveyed organizations to understand:

  • What are the top concerns for IT security decision-makers?
  • Why are cyberattacks succeeding?
  • How do you evaluate your current security posture?

Some of the key survey findings include:

  • Cyber threats are becoming more sophisticated as well-financed cybercriminal gangs develop improved variants of malware and social-engineering attacks. The perceived effectiveness of current security solutions is not improving – or is actually getting worse – for many organizations.
  • Most decision-makers have little confidence that their security infrastructure can adequately address infections on mobile devices, CEO fraud/BEC and preventing user’s personal devices from introducing malware into the corporate network.
  • To address the worsening threat landscape, security spending at mid-sized and large organizations will increase by an average of seven percent in 2018 compared to 2017.

The white paper also discusses the level of confidence that security professionals have in defending against these advanced threats. For example, 58 percent of those surveyed believe that their current solutions to eliminate malware before it reaches end users are either “very good” or “excellent,” and 55 percent believe that their ability to protect users from ransomware is this effective.

Unfortunately, things get worse from there: fewer than half of respondents believe their ability to block phishing attempts from end-users, eliminate account takeover attempts before they reach senior executives, and protect sensitive data is either “very good” or “excellent.”

Finally, some best practices that decision-makers must consider to protect against these advanced threats are:

  • Deploy a multi-layer approach for email security
  • View security holistically from cloud services to endpoint, with end-to-end monitoring
  • Train all users, including senior executives
  • Use adequate threat intelligence
  • Establish detailed and thorough policies

Get the In-Depth Osterman Report

Download the exclusive Osterman white paper, “Best Practices for Protection Against Phishing, Ransomware and Email Fraud,” compliments of SonicWall. The paper explores issues that security professionals face, how to evaluate your current security posture and best practices to consider implementing for sound email security.

Email Security with Continuity, Multi-tenancy

Email is vital to business communications and operations. However, as the volume of email increases, so too does the amount of ransomware, phishing, business email compromise (BEC), spoofing, spam and virus attacks.

What’s more, government regulations (e.g., PCI, HIPAA, GDPR, etc.) now hold your business accountable for protecting confidential data, ensuring it is not leaked and supporting the secure exchange of email that contains sensitive customer data or confidential information.

Deploying and maintaining an on-premises email security solution is CAPEX-intensive and creates administrative overhead. Organizations can benefit from replacing legacy solutions with an easy-to-use, affordable cloud-based security solution. This helps protect organizations from email-borne threats such as ransomware, zero-day attacks, spear-phishing and BEC ─ all while meeting email compliance and regulatory mandates.

The new SonicWall Email Security 9.1 solution now includes email continuity to minimize business impact during planned and unplanned outages to your email servers.

Hosted Email Security

SonicWall HES is a cloud-based, multi-tenant security service that protects against today’s advanced email threats.

Hosted email security

SonicWall Hosted Email Security (HES) offers comprehensive cloud-based email protection to stop ransomware and other email-borne threats before they reach your network.

Email attachments are scanned by the SonicWall Capture Advanced Threat Protection (ATP) service, a multi-engine sandbox that automatically detects and prevents advanced threats from reaching your network. The solution blocks ransomware and zero-day threats in the cloud and ensures only safe emails are delivered to your inbox. Get the scalability you need with no upfront costs and predictable subscription rates.

SonicWall Email Security 9.1 firmware

With focus to improve our email security solution to better protect and enable our customer’s businesses, SonicWall is releasing an update to its firmware with security enhancements, updated and modern UI, and the following features.

Why email continuity is important

Business are global, operate 24/7 and depend on email. Outages to email services have significant impact on an organization’s productivity and disrupts business.

Traditional approaches to email continuity — designed to ensure high availability with on-prem email deployments — have proven costly and ineffective. In many cases, this leaves organizations with continued outages.

Small- and medium-sized business (SMB) can rarely justify the cost of building a highly redundant messaging infrastructure. Moving to cloud-based solutions enables organizations to lower costs and deliver better service, but outages are inevitable.

For example, Microsoft Office 365 claims a high degree of service availability (via their service-level agreements, or SLAs) at a global level, but when individual regions or businesses are involved, impact can be high. (For a helpful resource, outages to cloud service providers are recorded at downdector.com.)

Email continuity for SonicWall HES

SonicWall HES delivers simple, cost-effective protection against planned or unplanned downtime events, whether your email servers are on-premises, hybrid environments or in the cloud.

Email Continuity Infographic

Achieve 24/7 service availability with email continuity.

With SonicWall Continuity for Hosted Email Security,* ensure emails are always delivered and productivity is not impacted during planned and unplanned outages of on-prem email servers or a cloud provider, such as Office 365.

During outages, users can access a secure, browser-based Emergency Inbox to compose, read and respond to messages. Email spooling ensures no messages are lost when email servers are unavailable, and delivers them when the servers are up.

Managed service providers

When investigating an email security offering best suited for their customers, managed service providers (MSP) should not only select the most comprehensive solution, but also one that enables them to differentiate.

By deploying SonicWall Email Security, MSPs can deliver a managed email security service with robust multi-tenancy support, customized environment configurability for Microsoft Office 365, and an advanced security platform. The solution’s MSP-friendly capabilities include:

  • Flexible deployment options
  • Enhanced multi‐tenancy
  • RESTful APIs
  • Easy integration with Microsoft Office 365
  • Customized branding
  • Comprehensive reporting and monitoring

For more details, explore our resources for Email ContinuityMulti-tenancy for MSPs, and SonicWall Hosted Email Security.

* Continuity for Hosted Email Security will be available as an add-on subscription beginning February 2018. For more details, visit mysonicwall.com or contact your preferred SonicWall partner.

Phishing Threats – How to Identify and Avoid Targeted Email Attacks

Phishing threats have been around for years. By now anyone can easily detect a fake email, right?

Wrong. How confident are you that you wouldn’t divulge your password, credit card info or online identity? Here is a quick refresher on phishing threats and what you can do to protect yourself.

What is Phishing?

As you may already know, phishing threats involve malicious emails that attempt to get you to disclose your personably identifiable information (PII) to compromise your personal identity or corporate data.

Hackers create emails that look like official communications from familiar companies. These are sent to millions of unsuspecting addresses in hopes that someone will follow the links and share sensitive information that the hackers can exploit. These phishing emails employ a variety of techniques.

How to Spot Phishing Attacks

The best way to protect yourself from phishing threats is to recognize and avoid these common phishing tactics:

  • Generic greetings: The opening lines of phishing emails are often very vague and general in nature.
  • Typos or Poor Grammar: A poorly written email is less likely to have come from a legitimate company. In addition, do not be tricked if the email happens to include a legitimate-looking logo.
  • Urgency: Phishing emails often sound alarmist, trying to scare you into taking action (and sharing your information) immediately.
  • Fake Links: Phishing emails routinely obscure the URL addresses, and instead take you to an unsecured site where your sensitive data is solicited. To see exactly where a link will take you, simply hover over it. If in doubt, don’t click it. Instead, open a new browser session and manually enter the address (i.e., don’t copy and paste) you want to visit.
  • Attachments: Delivered via email attachments, malware that is executed (i.e., the attachment is opened) allows a hacker to exploit vulnerabilities on your computer Never open an attachment unless you are sure it is legitimate, safe and expected. Be cautious with any unexpected invoices from companies you’re not familiar with, as attachments might contain malware that installs upon opening.
  • Spoofed Sender: Makes it easier for a hacker to impersonate someone you’d normally trust (e.g., coworker, bank, government agency)

Take the Phishing IQ Test

Interested in seeing how well you are at telling the difference between a legitimate website and one that is a phishing attempt? Take the SonicWall Phishing IQ Test to find out.

Innovate More, Fear Less at CETPA 2017 with SonicWall for Your School Network

Recently, the personal information of Palo Alto High School students was published via a website that allowed students to see class rankings, grade-point averages and identification numbers. Is your school network at risk?

Know your best defense against new threats. Join SonicWall at Booth 904 at the 2017 CETPA Annual Conference on Nov. 14-17 in Pasadena, California. With over 3,000 K-12 schools and districts relying on SonicWall next-generation firewalls and real-time automated breach detection and prevention with SonicWall Advanced Threat Protection cloud sandboxing service, we’ll be onsite to share our expertise on the latest threats and best practices to stop cyber attacks.

Can’t-miss highlights include:

  • Solving Real-world Network Security Issues in Today’s K-12 Campus Environment
    • Speaker: Jenna Burrows, Director of Business Services, Calistoga Joint Unified School District.
    • Date & Time: 4 p.m., Nov. 14
    • Location: Room 204
    • Learn how this district, with the help of SonicWall Silver partner Napa Valley Networks, provides over 900 students and staff with secure, uninterrupted network access, protects students from harmful web content and stops hackers from stealing confidential records. We’ll also explore advantages of a managed SonicWall’s Security-as-a-Service (SECaaS) approach to network security.

“It’s really hard for districts, at any point, to have to lay out a large amount of money,” for projects of this type, says Burrows. “It’s just not reasonable. There’s really no value in us purchasing it outright, and then, say, it’s obsolete in a couple years anyway. It makes a lot more sense for us to do it monthly. It (SonicWall Security-As-A-Service) provides more flexibility but it’s also much more reasonable in terms of breaking out the costs, not having to pay a large upfront amount.” said Jenna Burrows, Director of Business Services, Calistoga Joint Unified School District.

  • Vendor Shootout: Capture Advanced Threat Protection Sandbox
    • Presenter: Tim Johnson, System Engineer, SonicWall
    • Date & Time: 8 a.m., Nov. 16
    • Examine and compare the effectiveness of SonicWall’s Capture ATP, a leading cloud sandboxing solutions in preventing zero-day and advanced threats. Following the shootout, discuss your specific needs with our experts at booth 904 in the exhibit hall from 9-4 p.m.
  • SonicWall Live Demos
    • Date & Time: 9-4 p.m.

Throughout the event, we’ll be showcasing the SonicWall Advanced Threat Protection sandbox service, the new SonicOS 6.5, NSA 2650 next-gen firewall, SonicWave Wireless Access Points,  Cloud Analytics and Secure Mobile Access 12.1 with ongoing demonstrations focused on:

  •  Advanced Threats: Watch our award-winning multi-engine sandbox, SonicWall Capture ATP, scan network traffic in the cloud, and block unknown files until our Capture Threat Network reaches a verdict in near real-time.
  • Encrypted Threats: Most web-based malware is hidden by SSL/TLS encryption. Watch our DPI-SSL uncover hidden malicious attacks, block C&C communications and stop data exfiltration.
  • Wireless & Mobile Threats: Wi-Fi and mobile devices present a major security risk for students, faculty and administrators. View our Wireless and Mobile Access solutions, including the new Secure Mobile Access (SMA) 12.1 and SonicWave 802.11ac Wave 2 wireless access points.
  • Email Threats: Email remains a primary vector for attacks, such as ransomware. Discover how our next-gen Email Security solution can block spoofed email attacks with hosted and on-premise configurations.
  • Restricted Web Content: Protect students and employees, and meet K-12 regulatory compliance. Watch our Content Filtering Client block inappropriate, unproductive, illegal and malicious web content on school-issued devices taken off campus.

SonicWall is dedicated to helping K-12 schools and districts innovate more and fear less. Realize the promise of technology-driven learning environments, on campus and over the web.

Join us at the 2017 CETPA Annual Conference, tune in via Twitter #CETPA2017 and follow @SonicWall.

7 Email Security Best Practices for Office 365 in the Cloud

Cloud applications are not quickly approaching — they’re here. As organizations strive to manage costs and resources, solutions that are affordable, scalable and functionally robust are most appealing. Cloud applications promise to deliver this and more. For these reasons, adoption is accelerating.

Microsoft is at the forefront of the cloud application wave. Their Office 365 service enables workplace collaboration with not only a core email application, but also many popular Microsoft Office apps.  However, Office 365’s potential for open exchange of information also makes it a prime target for hackers.

Migrating To Cloud Services While Ensuring Security

Well-informed organizations are keenly aware that modern emerging threats exploit email as the primary mechanism for delivering their payload, and thus are evaluating more leading-edge security solutions. Targeted, coordinated attacks, data leaks and email-borne threats (including ransomware, phishing and spam attacks) all threaten cloud-based email services, such as Office 365.

Although Office 365 does include some security measures, prudent organizations recognize the need to reinforce these elementary security controls. According to Gartner, “By 2018, 40% of Office 365 deployments will rely on third-party tools to fill gaps in security and compliance, which is a major increase from less than 10% in 2015.”

Furthermore, leading industry analysts, including Gartner and IDC, recommend reinforcing Office 365 by integrating third-party email security solutions that, at a minimum, provide the following essential components:

  1. Advanced threat protection: Most anti-virus solutions are signature-based, and therefore ineffective against advanced threats such as ransomware. A sandbox environment is required to detect and prevent ransomware and zero-day attacks before they even reach your network.
  2. Known threat protection: For effective security against attacks leveraging known malware, we recommend using multiple virus detection engines to scan email messages and attachments for viruses, Trojans, worms and other types of malicious content.
  3. Phishing protection: Phishing campaigns have emerged as the method of choice for delivering ransomware. Proper mitigation requires an email security solution that incorporates advanced analysis of an email’s subject, body and attachment by leveraging a sandbox environment.
  4. Fraud protection: Hackers utilize advanced tactics such as spear phishing, whaling and CEO fraud to solicit for personally identifiable information (PII), or to carry out fraud by impersonating emails from within the organization. Granular configurations for email settings, including SPF (Sender Policy Framework), DKIM (Domain Keys Identified Mail) and DMARC (Domain-based Message Authentication, Reporting and Conformance). These can help prevent illegitimate messages from entering your organization.
  5. Spam protection: To ensure spam does not clog inboxes and network resources, your organization needs an email security solution that leverages multiple methods of detecting spam and other unwanted email, including using specific allowed and blocked lists of people, domains and mailing lists; and the ability to enable third-party blocked lists.
  6. Advanced Reputation Management (ARM): A collaboration of multiple, cross-verified SonicWall Capture Threat Network sources, including SonicWall Advanced Content Management (ACM), provides dynamic, up-to-date analysis of email component reputations.
  7. Data loss prevention: An organization’s most sensitive communications require the utmost protection. The best measure is to encrypt sensitive emails and attachments using a service that works in tandem with email security.

How Sonicwall Hosted Email Security For Office 365 Can Assist

SonicWall Hosted Email Security (HES) is a multi-layer defense service that integrates with SonicWall Capture Advance Threat Protection (ATP), delivering fine-grained and user-transparent inspection of SMTP-based traffic to block zero-day threats.

SonicWall HES also includes advanced compliance scanning, management and optional email encryption, to prevent confidential data leaks, regulatory violations and to ensure the secure exchange of sensitive data.

With SonicWall HES, no additional client software is necessary. In addition, the service includes DMARC, a powerful email authentication method that helps identify spoofed mail, reducing advanced phishing attacks.

SonicWall HES enhances Office 365 using a multi-layer defense approach for industry-leading protection against advanced threats delivered via email. It also delivers superior anti-phishing, anti-spoofing, anti-spam, multi-engine AV and data loss prevention (DLP) for comprehensive protection.

Embrace The Cloud

Don’t let threat actors, criminals and nefarious organizations ruin the benefits your organization receives from workplace collaboration. Once integrated into Microsoft Office 365, SonicWall HES provides unparalleled breach prevention capabilities that defend against advanced threats originating from emails.

To learn more about how SonicWall HES protects your organization and enhances Microsoft Office 365, read more via the Tech Brief: Click here.