Go back

Securing Mailboxes in the Era of Persistent Threats: Insights from Recent Chinese State-Linked Hacks

Stating the obvious: Recent events reinforce the fact that the mailboxes inside of organizations continue to be a target and that even strong authentication controls are insufficient to prevent unauthorized access.

Industry Insights
July 18, 2023
4m read
4m read
4m listen
4m watch
4m watch
circles in a red background
speakers
speakers
speakers
authors
Chris Long
participants
No items found.
share

Stating the obvious: Recent events reinforce the fact that the mailboxes inside of organizations continue to be a target and that even strong authentication controls are insufficient to prevent unauthorized access.

It's time for organizations to adopt a strategy that goes beyond securing against mailbox compromise. Organizations should adopt an "assume breach" mentality and must include protections to mitigate the impact of a successful compromise.

Email was, is, and will continue to be one of the primary attack vectors and targets.

Email is the most widely used collaboration tool in the world. The wealth of information inside email accounts requires that we stop thinking of them as simple messaging applications and shift to recognizing them as the rich data repositories they have become. Traditional approaches, such as email gateways and phishing protection, do not offer protection for data at rest in a mailbox.

The shift from on-prem to cloud infrastructure has improved overall mail infrastructure security, however, it still hasn't addressed the need to protect the data inside mailboxes. As in other areas of digital transformation, the adoption of cloud-based email services like Microsoft 365 and Google Workspace presents an opportunity to rethink and apply proven security models.

Learning from the past

When trying to find solutions to problems, it is often helpful to consider how similarly complex challenges have been addressed in the past. The theft or loss of a company issued device was previously considered a perilous event. Because data was frequently stored unencrypted on hard drives, it was easily accessed and copied by any individual with possession of the device. Today, device theft and loss still occur but the data on the device remains protected because full disk encryption has become ubiquitous. Except in rare and extreme circumstances, the loss of devices now presents a negligible risk to organizations. The cost and effort required to defeat full disk encryption makes physical asset theft a path of considerable resistance and adversaries often search for alternative access to the information or goals they seek. As an industry, once we accepted that theft or loss of devices would continue to happen, we were able to find innovative ways to ensure that the risk from such an occurrence would be greatly reduced.

Securing the modern, cloud email environment

Unauthorized access to mailboxes, as opposed to physical devices, is a targeted and concerted effort for adversaries. At Material our mission is to make it prohibitively difficult for attackers to access sensitive email data post-compromise. We should operate with the assumption that mailbox compromise is no different than the loss of a physical device and shift to a strategy of protecting emails at rest. The powerful APIs exposed by email providers enables new and innovative mailbox protections. Material Security leverages these APIs to apply defense-in-depth for mailboxes by determining which messages contain sensitive content and requiring an additional, low-friction challenge to access them. Even with full control of an organization's mail infrastructure, such as in the high-profile example recently revealed by the US Commerce Department, adversaries would still be unable to access the content of sensitive emails protected by Material Security.

Protecting data at rest on physical devices is a requirement of modern information security programs. Now that the technology exists, protecting emails at rest in cloud environments must follow.

Related posts

Our blog is your destination for expert insights, practical tips, and the latest news in technology. Stay informed with our regular updates and in-depth articles. Join the conversation and enhance your understanding of the tech landscape.

blog post

Securing Google Drive for the Enterprise AI Search Wave

Google Drive isn’t just another input to AI-driven search: for businesses that have standardized on Google Workspace, it’s the most critical.

Josh Donelson
3
m read
Read post
Podcast

Securing Google Drive for the Enterprise AI Search Wave

Google Drive isn’t just another input to AI-driven search: for businesses that have standardized on Google Workspace, it’s the most critical.

3
m listen
Listen to episode
Video

Securing Google Drive for the Enterprise AI Search Wave

Google Drive isn’t just another input to AI-driven search: for businesses that have standardized on Google Workspace, it’s the most critical.

3
m watch
Watch video
Downloads

Securing Google Drive for the Enterprise AI Search Wave

Google Drive isn’t just another input to AI-driven search: for businesses that have standardized on Google Workspace, it’s the most critical.

3
m listen
Watch video
Webinar

Securing Google Drive for the Enterprise AI Search Wave

Google Drive isn’t just another input to AI-driven search: for businesses that have standardized on Google Workspace, it’s the most critical.

3
m listen
Listen episode
blog post

Supercharging Gemini Labelling in Google Drive with Material Security

Find sensitive content across your environment and kick off smart, flexible actions like labeling automatically at scale.

Josh Donelson
6
m read
Read post
Podcast

Supercharging Gemini Labelling in Google Drive with Material Security

Find sensitive content across your environment and kick off smart, flexible actions like labeling automatically at scale.

6
m listen
Listen to episode
Video

Supercharging Gemini Labelling in Google Drive with Material Security

Find sensitive content across your environment and kick off smart, flexible actions like labeling automatically at scale.

6
m watch
Watch video
Downloads

Supercharging Gemini Labelling in Google Drive with Material Security

Find sensitive content across your environment and kick off smart, flexible actions like labeling automatically at scale.

6
m listen
Watch video
Webinar

Supercharging Gemini Labelling in Google Drive with Material Security

Find sensitive content across your environment and kick off smart, flexible actions like labeling automatically at scale.

6
m listen
Listen episode
blog post

Classifying Chaos: How Material Automates User-Reported Phishing at Scale

While automated detection systems catch many threats, user reports remain a vital defense layer – often catching sophisticated attacks that slip through automated filters. See how Material solves this problem.

Eddie Conk
10
m read
Read post
Podcast

Classifying Chaos: How Material Automates User-Reported Phishing at Scale

While automated detection systems catch many threats, user reports remain a vital defense layer – often catching sophisticated attacks that slip through automated filters. See how Material solves this problem.

10
m listen
Listen to episode
Video

Classifying Chaos: How Material Automates User-Reported Phishing at Scale

While automated detection systems catch many threats, user reports remain a vital defense layer – often catching sophisticated attacks that slip through automated filters. See how Material solves this problem.

10
m watch
Watch video
Downloads

Classifying Chaos: How Material Automates User-Reported Phishing at Scale

While automated detection systems catch many threats, user reports remain a vital defense layer – often catching sophisticated attacks that slip through automated filters. See how Material solves this problem.

10
m listen
Watch video
Webinar

Classifying Chaos: How Material Automates User-Reported Phishing at Scale

While automated detection systems catch many threats, user reports remain a vital defense layer – often catching sophisticated attacks that slip through automated filters. See how Material solves this problem.

10
m listen
Listen episode
blog post

Protecting Patients’ Data Beyond HIPAA Requirements

Recent proposed changes to the HIPAA Security Rule don’t go far enough, but that shouldn’t stop healthcare organizations from keeping patient data safe.

Rajan Kapoor
7
m read
Read post
Podcast

Protecting Patients’ Data Beyond HIPAA Requirements

Recent proposed changes to the HIPAA Security Rule don’t go far enough, but that shouldn’t stop healthcare organizations from keeping patient data safe.

7
m listen
Listen to episode
Video

Protecting Patients’ Data Beyond HIPAA Requirements

Recent proposed changes to the HIPAA Security Rule don’t go far enough, but that shouldn’t stop healthcare organizations from keeping patient data safe.

7
m watch
Watch video
Downloads

Protecting Patients’ Data Beyond HIPAA Requirements

Recent proposed changes to the HIPAA Security Rule don’t go far enough, but that shouldn’t stop healthcare organizations from keeping patient data safe.

7
m listen
Watch video
Webinar

Protecting Patients’ Data Beyond HIPAA Requirements

Recent proposed changes to the HIPAA Security Rule don’t go far enough, but that shouldn’t stop healthcare organizations from keeping patient data safe.

7
m listen
Listen episode
Privacy Preference Center

By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.