Are You Properly Protecting Your Email?

In the 2021 Verizon Data Breach Investigations Report, Verizon reported a significant increase in attacks that involved phishing, social engineering and ransomware. According to the report, this was true regardless of size of business. Again, the financial gains for cybercriminals is the main motivation.

A considerable amount of these attacks are delivered via email. Although, there is no 100% guaranteed way to protect a business, having a strategy that addresses the gateway, the inbox, and the user is crucial for businesses of all sizes. With the sophistication level of bad actors SMB’s need a multilayered approach to protecting their email to reduce the risks of breaches.

Let’s look at the different layers of protection.

The Gateway

At this level of defence, the goal is to stop inbound malicious email content from ever hitting the user’s inbox. The email gateway sits in front of the inbox filtering malicious emails. An email security gateway should protect against spam, malware, phishing (including spear phishing).

Generally, gateway solutions include email filtering, URL sandboxing, content inspection and email management. Many of these solutions also include email archiving and encryption.

The Inbox

The next layer of protection focuses on the inbox. The assumption is that a small percentage of malicious email will get through the gateway defences. Remember that all it takes is one malicious email to trigger a breach.

This layer of protects against malware, domain spoofing, phishing, impersonation, business email compromise (BEC), blackmail and data exfiltration attacks.

The technologies deployed at this level usually include solutions with artificial intelligence and machine learning capabilities. These engines provide detection, response, and remediation abilities.

As the sophistication level of attacks increases these types of solutions are crucial to reducing breach risks.

The User

The final layer in this multi-layered approach to protecting your email is empowering your end users. With the sophistication level of cyber attackers, it is possible that a malicious email may have gotten past the last two layers which leaves the end user as the last line of defence. Providing users with regular cyber awareness training helps turn them from the weakest link in the protection strategy to the strongest link.

There are various cyber awareness training programs out there. The key is to ensure that the program includes, training and testing and that it is done on a regular basis. The idea is not to punish people who may fall for malicious emails but to provide them with the empowerment and support they need to question and recognize suspicious emails.

It’s an important part of the multilayered strategy that is often overlooked by SMBs but that is important to the overall protection of their businesses.

Backup, Archiving and Continuity

An additional layer that should not be ignored and that is crucial to any recovery strategy is the backup and archiving of email data. If an outage occurs, security related or not, there needs to be a way to recover the lost data. This is where email backup and archiving solutions become extremely important to businesses.

In addition, thought should be given to a continuity strategy to ensure that the business can keep sending and receiving email during an outage because email continues to be the primary mode of communication and collaboration for most of us. The ability to continue communicate and collaborate both internally and externally is essential and needs to be addressed with proper solutions and services.


Email continues to be the single largest security threat for SMBs. Being prepared with a multilayer strategy to address this threat makes good business sense and should not be ignored.

Contact us to see how we can help you make sure your email data is protected.

Find a MicroAge near you

With a growing Network of independently owned locations (currently at 41) from coast-to-coast, MicroAge is Canada’s leading IT solutions and service provider focused mainly on small and midmarket businesses.

Most commented posts

Infrastructure informatique, IT infrastructure

5 Benefits of an Optimized IT Infrastructure

Is your current IT infrastructure helping your business thrive in its industry or creating obstacles for growth? If you’re still not using cloud technologies to…

Read More

3 Critical Cyber Threats For Businesses in 2019

Malware, vulnerabilities, and social engineering are some of the main concerns for IT security professionals. Although the tactics used to target businesses and individuals are…

Read More
Cloud Infrastructure hébergée

3 Advantages of Using Cloud Infrastructure

Everyone knows that cloud computing is a hot trend, and its adoption should only increase over the next few years. According to one study published…

Read More

What the End of Support for Windows Server 2008 Means for You

Cloud services that allow us to store data online are critical to the operations of thousands of businesses around the world. However, as technology marches…

Read More
audit tech

Back to the Office: Auditing Tech and Adjusting your Business

Many businesses were not ready for the global health crisis we were plunged into and needed to adapt quickly. Now that economies worldwide are reopening…

Read More