Blog

Blog

Top Threats to Cloud Email Security and How to Mitigate Them

A summary of common threats faced by cloud email systems beyond malware and data breaches, this blog provides actionable tips and best practices for businesses to protect their email systems.
Blog

Email Protection Strategies for Modern Enterprises

Modern enterprises need to be able to identify the tactics being used by cybercriminals in email attacks, especially those leveraging advanced technologies like AI. Find out what's at stake and how today's email security solutions can help mitigate these evolving attacks.
Blog

Microsoft Office 365 + Cloud Email Gateway: All You Need in a Cloud-First World

According to a recent Cloud Security Alliance report, 98% of organizations worldwide use cloud services, including SaaS applications, complete cloud-native networks, and email services. It’s an overdue modernization that eliminates physical infrastructure to drive cost savings and integrate services for improved productivityChasing this move, cybercriminals intent on account takeover are evolving...
Blog

Microsoft's Defender for Identity – Is it Enough?

In early 2023, Microsoft launched Defender for Identity which aims to offer visibility by helping to identify threats and provide actionable reports on attacks. But M365 security is not completely adequate for the modern enterprise and must be augmented by other data security solutions.
Blog

Microsoft 365's Good. Clearswift's SEG Makes It More Secure.

Microsoft 365 has certainly become a mainstay. In order to stay safe and secure, Fortra's Clearswift Secure Email Gateway provides an additional needed layer to Microsoft 365.
Blog

Advanced Information Security Features for Microsoft Office 365

In the last few years, Microsoft 365 (M365) has eclipsed all other cloud providers to emerge as the most widely used enterprise cloud service and the latest survey data shows that adoption of M365 is still increasing.It is not just impressive in its adoption rates, Microsoft has also been incremental evolving business technology; organizations now rely on cloud technology to function. However,...
Blog

September Was Insider Threat Awareness Month

Insider threats may not get as much attention as the outsider threats. Outsider threats are overwhelmingly malicious in intent. Organizations must protect their data with a strong barrier, because the “bad guys” are on the outside. However, inside the walls of an organization can be a disgruntled employee wanting to cause harm or an employee incentivized from outside the organization. Then of...
Blog

Office 365 + DMARC: Best Practices for Protecting Your Company & Customers From Phishing Attacks

In 2021, Gartner includes DMARC, or known by its full name as Domain-based Message Authentication, Reporting & Conformance, in its list of top 10 security projects. With very few exceptions, the best way for organizations to prevent getting impersonated in email attacks is to integrate DMARC into their Office 365-based email ecosystems.To understand why, let’s consider the benefits of deploying...
Blog

Photo Security: Why a Picture Is Worth a Thousand Files

Communication through photos and short videos have now become commonplace with applications like Instagram and TikTok. While this popular use of imagery feels safe, many may not realize that photos can also be used to inconspicuously share data or carry out a ransomware cyberattack. Explore the threats of steganography and why ignoring it can be a significant email security mistake.
Blog

How to Implement the BIMI-Selector Header for Multiple Brands

Wondering what Brand Indicators for Message Identification actually means? Here, we’ll cover the basics of BIMI, what the BIMI-selector header is, what it does, whether you need it, and how to implement it. But first, do you really need the BIMI-selector header? In most cases, you only need the BIMI-selector header if you want to support multiple logos for multiple brands or subdomains. Otherwise,...
Blog

Public Sector Cybersecurity Priorities in 2021

The Covid-19 pandemic has undoubtedly changed working patterns for good. What are the implications for public sector organizations and what can they do to improve their cybersecurity posture?
Blog

BIMI: What It Is & Why It Matters to Email Security

Curious how BIMI can protect your email? I’ll explain what BIMI is, how it works, and how you can use it to protect your brand’s email communications.What is BIMI?Brand Indicators for Message Identification, or BIMI, provides a standardized method for businesses to showcase their brand logo next to the subject line of their authenticated emails so they stand out in crowded inboxes, with built-in...
Blog

Office 365 Phishing Emails: Prevention, Detection, Response

Office 365 phishing emails come in common patterns. I'll list them here and also cover Office 365 anti-phishing features for prevention, detection, and response.Today, the typical Office 365 phishing emails direct users to fake Office 365 Sign-in pages. The victim submits their credentials, effectively handing over their password. Fraudsters use that login to access the victim’s address book, then...
Blog

Brand Indicators for Message Identification (BIMI) Adoption Soaring to New Heights

For a growing number of email marketers, it may be "BIMI or bust." As of June 30, nearly 5,300 companies have adopted Brand Indicators for Message Identification (BIMI), a new email standard for showcasing a brand's logo next to its email messages in recipient inboxes, with built-in protections against phishing-based brand spoofing.The tally reflects a 3.8X increase in the number of brands...
Blog

Phishing: With Zero-Day Email Attacks Rising, Are Some Companies Giving Up the Fight?

Amid a troubling rise in zero-day phishing attacks, recent research suggests that some companies may be making an ill-advised shift away from blocking advanced email threats to responding to them post-delivery. If true, the capitulation couldn't come at a worse time. Since January, cybercriminals taking advantage of the COVID-19 outbreak have been targeting businesses and individuals with an...
Blog

How to Prevent Phishing Attacks that Target Your Customers with DMARC and Office 365

Editor's Note: This post originally appeared on the Microsoft Security blog and has been republished here. You already know that email is the number one attack vector for cybercriminals. But what you might not know is that without a standard email security protocol called Domain Message Authentication, Reporting, and Conformance (DMARC), your organization is open to the phishing attacks that...
Blog

Current Email Architecture Transformation Raises the Bar for Security

Enterprise email architecture is evolving, which is good news for cybercriminals. Legacy secure email gateways (SEGs) simply don't provide full protection from today’s evolving and costly attacks, and cloud-based email requires a new security approach. In contrast, the next generation of email security—the AI-powered Secure Email Cloud—gives organizations more comprehensive security and better...
Blog

A Business World in the Clouds

Safeguarding Against the Security Pitfalls of Cloud-Based PlatformsMajority of us are intimately familiar with the concept of ‘the Cloud’, the seemingly omnipresent information sharing and storage solution. But how much do you know about the security systems that defend it? Most of you may already be using cloud-based programs such as GoogleDocs, DropBox or, more commonly, Microsoft 365 – the...
Blog

Enhancing Cyber Threat Protection in Microsoft 365

The National Cyber Security Centre (NCSC) has recently published an advisory report that explores the ways M365 can be compromised by malicious parties, explaining how cybercriminals can use compromised M365 accounts to obtain financial profit. Integrating advanced threat prevention and data protection features to a M365 platform can enhance the existing security capabilities it offers. Clearswift’s bolt-on solution for M365 be seamlessly implemented to enable deep content inspection of all email traffic through the platform – inbound, outbound and internal – in both email messages and attachments.