We need to talk about SEGs

By Paul Chapman CEO of Aquilai

Feb 2020

In the world of email security, SEGs have traditionally played a really important role.  Formally known as Secure Email Gateways, SEGs monitor a company’s email traffic to help ensure unwanted items – such as spam, phishing emails, and malware are detected and stopped. SEGs usually come in the form of either software or a device and can be cloud-based or located on the company’s premises. But the large scale migration of email to the cloud has necessitated a strategic shift in how to secure this communication channel. In the UK there are a number of traditional SEGs, including Proofpoint Essentials, Mimecast Secure Email Gateway, Barracuda Essentials, IRONSCALES, and Cisco Cloud Email Security.

The primary objective these traditional SEGs is the same― to keep organisations safe from outside forces intent on infiltrating, compromising, and crippling a company, by way of email.  Paid services or software, these email security platforms are designed to provide an added layer of protection in the fight against phishing.  But are they enough?  Until recently, they were simply the best there was to offer. However, the phishing problem has grown beyond them as the gravitational pull of Google and Microsoft towards their respective cloud office systems, is now exposing the flaws that trust based systems have against impersonation and takeover attacks. Gartner now recommends addressing these gaps by adding a cloud email security supplement (CESS)  

Aquilai is a cyber security company which specialises in advanced phishing detection for cloud- based emails like Office 365 and G- Suite. Aquilai was the GCHQ pick for innovating in phishing detection and went through the GCHQ cyber accelerator in 2017. This allowed our technology to be shaped and guided by the experts at NCSC and GCHQ.  The company’s flagship product, known as Ajax Intelligence, leverages the power of multiple algorithms and machine learning to identify even the most well-disguised types of phishing attacks including zero days and compromised accounts.  

But more than that we tell the user why the system thinks their emails are dangerous and how they can spot these tactics & techniques in the future. This augments the user’s training, delivering lasting results. The solution is the most advanced in the world and is available to all English-speaking countries.  

Ajax Intelligence deploys in 30 minutes, is simple to administer, and works seamlessly on all devices with no agent needed.

To better understand how Ajax intelligence compares, consider this list of pros and cons, derived from interviews with traditional SEG reviewers and users: –

CON: The installation process of Proofpoint Essentials can be time consuming and cumbersome.

PRO: With Ajax Intelligence, you don’t need to change your DNS records or make other public, disruptive changes to protect yourself. Ajax Intelligence uses the latest Microsoft technologies to vastly simplify setup and deployment; customers are up and running and protected in under an hour. And unlike other solutions, Ajax Intelligence supports a staged roll-out to groups of users at a time, rather than requiring a single cut-over.

CON: The Mimecast Secure Email Gateway admin console isn’t that easy to navigate.

PRO: Ajax Intelligence offers users an advanced admin platform that provides compete visibility into the threats facing your organisation and what is being blocked.

CON: With Barracuda Essentials, spam messages still tend to slip through and the reporting and admin controls could be more advanced.

PRO: Ajax Intelligence catches pretty much everything. Ajax Intelligence is catching and alerting to tens of thousands of malicious emails that were missed by the SEGs.  As for the admin controls, they’re easy to use and full of strong reporting,

CON: When using IRONSCALES, the ‘report phishing’ button only works in Outlook.

PRO: With Ajax Intelligence, you don’t have to ‘report phishing’ because we do the job for you!  Ajax Intelligence finds the threats, classifies them as suspicious or phishing with coloured warning banners. Admins can even toggle banners on or off and create rules to move detected phish straight to junk folder.

CON: The Cisco Cloud Email Security service was not the easiest to learn and it’s difficult to use on mobile.

PRO: Ajax Intelligence works with any mail client, and on any device.  Plus, warning banners appear directly in the email (desktop and mobile) alerting the user whether the message is External, Suspicious, or a confirmed deceptive phish. The email banners are stripped from outbound email replies and uniquely the banners are clickable giving real time information to users on why any particular email was suspicious or dangerous. This method allows your employees to stay safer and better retain training as they see the tactics and techniques used by cyber criminals with real life examples.

The criminal’s tactics are changing and while there may be hundreds of secure email gateways to choose from, there is only one Ajax Intelligence. Companies that become victims to phishing scams often find their bank accounts and reputations destroyed.  For Office 365 users we see a large scale organised attacks using bought dark web phishing email templates configured to steal password credentials and compromise legitimate email accounts. The good news is we’re leading the world in cloud email security, and we want to help keep your company safe.

Learn more about our anti-phishing solution and how it can put your company in a safe place.