Can you defend against email threats better than the security companies?
How well do the main email platforms handle threats? Is it worth paying for additional email security from a third-party specialist? Or could you create your own secure email server and get top grade protection for free?
Compare a major email platform with a third-party service and an open-source solution
In this special, one-of-a-kind report we investigate how well one of the world’s largest email providers performs when trying to filter out harmful security threats from your email. We also assess the benefits of a well-known email security service that you can bolt onto any other email solution. And finally, we built an open-source email server running a combination of security and management tools to see how well it compared.
Criminals Target Email
All but the smallest of businesses use email. This is why criminals use email as a way to reach their victims. It’s cheap and easy for them to send malware, links to fake login pages and many other social engineering and technical tricks to break into business networks. So how can a large or small business protect itself?
Large email platforms such as Microsoft and Google claim to defend their users from threats like phishing and viruses. Third-party email security services like Proofpoint and Mimecast offer additional protection.
For the ultimate in control businesses can create their own secure email platforms using free, open-source software.
We wanted to answer the questions:
– Is there value to be had from specialist email security services?
– Should you run your own server?
– Can you combine your own server with a specialist service?
What Does Protection Mean?
Where email security is concerned you need to be sure that the system you use is safe against criminals who want to access your email messages. You also need to be sure that criminals have a hard time sending malicious emails to you, with the intention of gaining access to your computer systems through trickery or technical hacking. In other words, your main communication system with the world needs to stop threats and be resilient against intruders too.
It’s not a stretch to imagine that the major platforms (Google, Microsoft and Apple) are better equipped at keeping hackers out of your email archives than most other options. As long as you use good passwords and multi-factor authentication, it’s probably safe to trust them to keep your emails private.
But what about stopping phishing emails, viruses and other fraudulent messages?
DIY Email Security
In this report we compare a major platform with a third-party email security service to see if it’s worth spending extra on security. We worked with both companies but neither wished to be identified in this report.
We reported back to them all of the threats that they identified (and missed) and provided them with an opportunity to dispute any mistakes that they identified. This report is the result of that engagement.
We also used an off-the-shelf open source solution that combines the free ClamAV anti-virus software with the Rspamd anti-spam filtering system plus a host of other tools. We hope you find this report useful and food for thought when considering your email security strategy.