Do you remember when email servers were very efficient, dramatically increased companies internal communications and we absolutely not susceptible to any kind of phishing attacks, spams or viruses? I do! Thirty years ago, that’s how it was and learning from the past will help you avoid making the same mistakes in the future.
In the late 80’s and early 90’s the proliferation of email server was in vogue. Ethernet networks were getting installed everywhere for people to share printers, fax and exchange files. It was the golden years of information technology. With this telecommunications infrastructure in place, companies of all sizes started deploying internal email servers and it was very secure and efficient up to that point.
The problem began when people started connecting their internal email servers to the internet. This opened a floodgate of spams, virus, mass phishing and finally, targeted phishing attacks, creating havoc in the cybersecurity world.
I hope you see by now where the mistake was made and the solution become obvious to me. Most email communications still involves employees from the same organisation to send text and attachment to each other, but places these email in the same INBOX as any other internet inbound email. The solution is very obvious. You gadda keep them separated.
One of the cybersecurity expert’s role is to educate the users to make distinctions between a legitimate email and a fake one. I worked in a very secure environment and even the most senior systems architect was eventually fooled into clicking a bad link or fall victim to a cyber phishing attack simulation.
If internal emails and external emails were managed separately and implemented with a clear distinctions between the two, there is a high level of probability that employees will stop getting victimized without the need to perpetual awareness programs from IT security. The other benefit would be to make it impossible for internal email to be re-routed to an external address and vice-versa, reducing dramatically the potential for leaked information.
HOW THIS CAN BE DONE
Most companies are moving their email infrastructure to the cloud right? We don’t have to change this. Outlook would still maintain its supremacy as the primary INBOX for emails, but ONLY for company based internal emails. Then a subsequent service could then be deployed for all external (internet) exchange and accessible thru a Web (SSL) portal only. From there, staff would stop getting victimize from crafted internet email getting mixed with legitimate ones.
Once that architecture is in place, very little attention would be given to the external email portals, phishing attacks would decrease dramatically and internal information would stop begin leaked, unless an employee makes a deliberate act of COPY &PASTE contents of internal email INBOX to an external INBOX. That can easily be monitored and tracked.
One might claim that this method wouldn’t be acceptable because of close collaboration with other companies or clients. The answer to this is that “some” external servers and/or emails addresses could be added to the whitelist of the internal email server, allowing for an un-interrupted flow of collaboration. The idea is to seperate the “anyone@anywhere” from being able to sugically place an threatening email in the primary INBOX of the employees.
What about Bring Your Own Device? Yeah, wha about it? People use personal smart phones to communication with their family and friends anyway, so why would you allow relatives form one of your employee to be able to send emails to the companies internal email server? People need to start making decisions and choices between absolute convenience and security. That’s a fact.
If I ran a company of 30, 3000 or 30,000 employees, that’s how I would implement management of emails simply because I would make it easier to everyone working within my company not to get fooled by phishing attacks. Beside, almost everyone needs an internal email INBOX, but not everyone needs one for external emails. The architecture I’m proposing here could limit the amount of staff who require an external email account, again, increasing the security of information of the company.
We can learn from the past, and the glorious years of email servers of the 90’s can be brought back. It only takes a bit of vision from Microsoft to upgrade its products/services to implement INBOX segregations, and help with the cybersecurity battles. Even if email server manufacturers don’t offer such solution, it can easily be achieved with email server policies and rules. It’s a simply matter of architecture.
There seems to be a never ending technology race to use better mouse traps and leverage artificial intelligence to combat email phishing attacks, when the real solution is so much simpler. For as long as we will make it easy for outsiders to access internal resources, winning the wars against cyber-threats will never be possible. Re thinking the infrastructure is the only viable and cost effective solution.