HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Email Security for MSPs

Many cybersecurity vendors offer advanced email security for MSPs and for good reason. The majority of cyberattacks start with a phishing email and attacks on managed service providers are increasing.

According to a Q3, 2019 report from the cyber insurance provider Beazley, ransomware attacks increased by 37% compared to the final quarter of 2018 and 25% of those attacks were on MSPs. Those attacks also impact the clients of MSPs, directly or indirectly. One successful attack on an MSP could see hundreds of businesses affected.

Many of the attacks occur via email. A response to a single phishing email can be all it takes for ransomware to be installed. One of the biggest threats comes from the banking Trojan Emotet. Emotet is also a malware downloader that is used to download Ryuk ransomware: A ransomware variant that has plagued the healthcare sector.

Emotet is constantly evolving and signature-based malware detection methods often struggle to detect Emotet. Signature-based email security for MSPs will not block these zero-day threats. To block new malware threats, an advanced spam filtering solution is required that does not rely totally on signature-based detection methods.

Advanced Email Security for MSPs is Now Essential

A large percentage of businesses use Office 365, but the standard protection provided by Exchange Online Protection (EOP) falls short of what is required. EOP can block around 99% of spam, but it doesn’t fare as well at blocking phishing attacks and zero-day threats. One study by Avanan showed a quarter of phishing threats bypass Office 365 security. An advanced third-party spam filtering solution layered on top of Office 365 will help to block more phishing threats and will better protect healthcare clients.

Advanced email security solutions use a variety of methods for identifying spam and phishing emails and will block a higher percentage of threats. Standard email security offerings use signature-based malware detection methods provided by embedded antivirus engines. The AV engines are constantly updated with new definitions as new malware variants are discovered. To improve protection, consider a spam filtering solution with dual anti-virus engines. If one AV provider does not yet detect a malware threat, you may be protected by the other.

To block zero-day threats – brand new malware variants – other features are required. Look for an email security solution that features a sandbox. Sandboxing allows unknown programs and files to be analyzed in safety. An in-depth analysis in the sandbox is likely to uncover attempted command and control center callbacks and other malicious actions, which will allow the threat to be detected and deleted. Without a sandboxing feature, those threats would likely be delivered to inboxes.

With an advanced email security solution, MSPs can give better value to their clients, block more phishing emails, and improve malware detection. Not only will that help them prevent data breaches, it will also save them many hours of work mitigating preventable attacks and devote those hours to profit-generating activities.