Intelligent CIO Middle East Issue 36 | Page 21

LATEST INTELLIGENCE At Proofpoint, we take a similar approach to securing your email. This guide explains how our multilayered defence uses identity control and content analysis to protect organisations from email fraud. people into doing something on the attacker’s behalf. Identity control: who’s really sending that email? If you can verify whether the email was sent by who it says it’s from – and block any impostors – you can stop many of these threats outright. Email fraud can be hard to detect with conventional cyberdefences. That’s because it is highly targeted and sent in low volumes aimed at specific people or job roles. These emails don’t have a payload. So there’s no attachment or URL for security tools to detect, analyse and sandbox. The messages are socially engineered for one sole purpose: tricking Due to the nature of email fraud, you need to validate the true identity of the email sender. Authentication For identity control, we start with email authentication. This step stops attackers who try to hijack your email domain, a technique called domain spoofing. With email authentication, only someone from your company – or someone you authorise – can send email using your domain. This stops many attacks in their tracks. DMARC authentication allows email senders to indicate that their messages are protected by two popular authentication techniques. And it tells receivers what to do if neither of those authentication methods passes. Proofpoint helps you to implement DMARC authentication quickly and confidently. We give you visibility into all the email coming into and going out of your organisation. With this visibility, you can authorise all legitimate senders trying to send emails on your behalf – and block any malicious emails spoofing your trusted domains or those of your suppliers. n Download whitepapers free from www.intelligentcio.com/me/whitepapers/ www.intelligentcio.com INTELLIGENTCIO 21