Go back

Securing Mailboxes in the Era of Persistent Threats: Insights from Recent Chinese State-Linked Hacks

Stating the obvious: Recent events reinforce the fact that the mailboxes inside of organizations continue to be a target and that even strong authentication controls are insufficient to prevent unauthorized access.

Industry Insights
July 18, 2023
4m read
4m read
4m listen
4m watch
4m watch
circles in a red background
speakers
speakers
speakers
authors
Chris Long
participants
No items found.
share

Stating the obvious: Recent events reinforce the fact that the mailboxes inside of organizations continue to be a target and that even strong authentication controls are insufficient to prevent unauthorized access.

It's time for organizations to adopt a strategy that goes beyond securing against mailbox compromise. Organizations should adopt an "assume breach" mentality and must include protections to mitigate the impact of a successful compromise.

Email was, is, and will continue to be one of the primary attack vectors and targets.

Email is the most widely used collaboration tool in the world. The wealth of information inside email accounts requires that we stop thinking of them as simple messaging applications and shift to recognizing them as the rich data repositories they have become. Traditional approaches, such as email gateways and phishing protection, do not offer protection for data at rest in a mailbox.

The shift from on-prem to cloud infrastructure has improved overall mail infrastructure security, however, it still hasn't addressed the need to protect the data inside mailboxes. As in other areas of digital transformation, the adoption of cloud-based email services like Microsoft 365 and Google Workspace presents an opportunity to rethink and apply proven security models.

Learning from the past

When trying to find solutions to problems, it is often helpful to consider how similarly complex challenges have been addressed in the past. The theft or loss of a company issued device was previously considered a perilous event. Because data was frequently stored unencrypted on hard drives, it was easily accessed and copied by any individual with possession of the device. Today, device theft and loss still occur but the data on the device remains protected because full disk encryption has become ubiquitous. Except in rare and extreme circumstances, the loss of devices now presents a negligible risk to organizations. The cost and effort required to defeat full disk encryption makes physical asset theft a path of considerable resistance and adversaries often search for alternative access to the information or goals they seek. As an industry, once we accepted that theft or loss of devices would continue to happen, we were able to find innovative ways to ensure that the risk from such an occurrence would be greatly reduced.

Securing the modern, cloud email environment

Unauthorized access to mailboxes, as opposed to physical devices, is a targeted and concerted effort for adversaries. At Material our mission is to make it prohibitively difficult for attackers to access sensitive email data post-compromise. We should operate with the assumption that mailbox compromise is no different than the loss of a physical device and shift to a strategy of protecting emails at rest. The powerful APIs exposed by email providers enables new and innovative mailbox protections. Material Security leverages these APIs to apply defense-in-depth for mailboxes by determining which messages contain sensitive content and requiring an additional, low-friction challenge to access them. Even with full control of an organization's mail infrastructure, such as in the high-profile example recently revealed by the US Commerce Department, adversaries would still be unable to access the content of sensitive emails protected by Material Security.

Protecting data at rest on physical devices is a requirement of modern information security programs. Now that the technology exists, protecting emails at rest in cloud environments must follow.

Related posts

Our blog is your destination for expert insights, practical tips, and the latest news in technology. Stay informed with our regular updates and in-depth articles. Join the conversation and enhance your understanding of the tech landscape.

blog post

New in Material: Detections, Remediations, Reports & More

As the days grow shorter and the weather gets colder, Material’s ready with a steady stream of hot platform updates to keep you warm.

Patrick Duffy
4
m read
Read post
Podcast

New in Material: Detections, Remediations, Reports & More

As the days grow shorter and the weather gets colder, Material’s ready with a steady stream of hot platform updates to keep you warm.

4
m listen
Listen to episode
Video

New in Material: Detections, Remediations, Reports & More

As the days grow shorter and the weather gets colder, Material’s ready with a steady stream of hot platform updates to keep you warm.

4
m watch
Watch video
Downloads

New in Material: Detections, Remediations, Reports & More

As the days grow shorter and the weather gets colder, Material’s ready with a steady stream of hot platform updates to keep you warm.

4
m listen
Watch video
Webinar

New in Material: Detections, Remediations, Reports & More

As the days grow shorter and the weather gets colder, Material’s ready with a steady stream of hot platform updates to keep you warm.

4
m listen
Listen episode
blog post

Identifying Risk in Google Workspace with Material & SADA, An Insight Company

Partnering with SADA, An Insight company, companies big and small can get deep insights into the types of risk that live inside of Google Workspace, powered by a data-driven analysis of user behaviors, sensitive data in email and files, and posture settings by the Material Security platform.

Josh Donelson
5
m read
Read post
Podcast

Identifying Risk in Google Workspace with Material & SADA, An Insight Company

Partnering with SADA, An Insight company, companies big and small can get deep insights into the types of risk that live inside of Google Workspace, powered by a data-driven analysis of user behaviors, sensitive data in email and files, and posture settings by the Material Security platform.

5
m listen
Listen to episode
Video

Identifying Risk in Google Workspace with Material & SADA, An Insight Company

Partnering with SADA, An Insight company, companies big and small can get deep insights into the types of risk that live inside of Google Workspace, powered by a data-driven analysis of user behaviors, sensitive data in email and files, and posture settings by the Material Security platform.

5
m watch
Watch video
Downloads

Identifying Risk in Google Workspace with Material & SADA, An Insight Company

Partnering with SADA, An Insight company, companies big and small can get deep insights into the types of risk that live inside of Google Workspace, powered by a data-driven analysis of user behaviors, sensitive data in email and files, and posture settings by the Material Security platform.

5
m listen
Watch video
Webinar

Identifying Risk in Google Workspace with Material & SADA, An Insight Company

Partnering with SADA, An Insight company, companies big and small can get deep insights into the types of risk that live inside of Google Workspace, powered by a data-driven analysis of user behaviors, sensitive data in email and files, and posture settings by the Material Security platform.

5
m listen
Listen episode
blog post

Risky Biz Podcast Interview with Rajan & Dan

Dan Ayala, Chief Security & Trust Officer from Dotmatics joins Rajan Kapoor, Field CISO from Material on Risky Business to discuss how to wrangle securing data that ends up in corporate cloud email and file stores.

Material Team
10
m read
Read post
Podcast

Risky Biz Podcast Interview with Rajan & Dan

Dan Ayala, Chief Security & Trust Officer from Dotmatics joins Rajan Kapoor, Field CISO from Material on Risky Business to discuss how to wrangle securing data that ends up in corporate cloud email and file stores.

Rajan Kapoor
10
m listen
Listen to episode
Video

Risky Biz Podcast Interview with Rajan & Dan

Dan Ayala, Chief Security & Trust Officer from Dotmatics joins Rajan Kapoor, Field CISO from Material on Risky Business to discuss how to wrangle securing data that ends up in corporate cloud email and file stores.

Rajan Kapoor
10
m watch
Watch video
Downloads

Risky Biz Podcast Interview with Rajan & Dan

Dan Ayala, Chief Security & Trust Officer from Dotmatics joins Rajan Kapoor, Field CISO from Material on Risky Business to discuss how to wrangle securing data that ends up in corporate cloud email and file stores.

Rajan Kapoor
10
m listen
Watch video
Webinar

Risky Biz Podcast Interview with Rajan & Dan

Dan Ayala, Chief Security & Trust Officer from Dotmatics joins Rajan Kapoor, Field CISO from Material on Risky Business to discuss how to wrangle securing data that ends up in corporate cloud email and file stores.

Rajan Kapoor
10
m listen
Listen episode
blog post

Material Product Demo: Securing Google Workspace & M365

Abhishek Agrawal gives an in-depth product demo walkthrough on Risky Business

Material Team
35
m read
Read post
Podcast

Material Product Demo: Securing Google Workspace & M365

Abhishek Agrawal gives an in-depth product demo walkthrough on Risky Business

Abhishek Agrawal
35
m listen
Listen to episode
Video

Material Product Demo: Securing Google Workspace & M365

Abhishek Agrawal gives an in-depth product demo walkthrough on Risky Business

Abhishek Agrawal
35
m watch
Watch video
Downloads

Material Product Demo: Securing Google Workspace & M365

Abhishek Agrawal gives an in-depth product demo walkthrough on Risky Business

Abhishek Agrawal
35
m listen
Watch video
Webinar

Material Product Demo: Securing Google Workspace & M365

Abhishek Agrawal gives an in-depth product demo walkthrough on Risky Business

Abhishek Agrawal
35
m listen
Listen episode
Privacy Preference Center

By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.