Have you heard that over 90% of data breaches begin with an attacker sending email? You might have heard it from the company selling you an email security gateway, from industry professional groups, or from respected global consultancies. If you’re currently paying for an email security gateway, or just using the built-in gateway that comes with Microsoft 365 or Google Workspace, that 90% figure would make you feel pretty good about your investment – if it were true.
This statistic is unfortunately about four years out of date. Here’s the truth: in 2019, the use of email to deliver a phishing attack or malware figured in less than 40% of data breaches. These days, data breaches start in lots of different ways:
- 45% started with a hack (for example, exploiting a web app to bypass permissions)
- 22% started with a mistake (email addressed to the wrong person)
- 8% were internal attacks by authorized users
If it’s 2020, and you’re relying on an email gateway service, such as FireEye, Microsoft Defender ATP, or Proofpoint, as your bulwark against internet-based attacks, where does that leave you? Exposed.
That’s why Net Friends is introducing a new service for our NetVisor customers, included with all NetVisor contracts at no additional expense: Cloud Account Security.
In our research, we identified two major trends in internet-based attacks. First, 83% of breaches at small businesses in 2019 were for financial gain rather than industrial espionage. Attackers wanted to steal funds, extort a ransom, or retrieve personal data that they could sell on the black market. Second, 52% of breaches relied on compromised accounts to get access to the data they wanted. To counter this new model of attacks, we recognized that a modern email security solution needed to do two things that traditional email gateways couldn’t:
- Look not just at incoming emails, but at internal and outgoing emails as well
- Look at patterns of account activity across a company’s entire cloud infrastructure
NetVisor Cloud Account Security acts instantly to block access to accounts or files that exhibit suspicious activity. We do this by using machine learning to recognize the communication patterns of individual users across not just email, but also platforms like OneDrive, Slack, Teams, and Dropbox. We can then identify malicious files and flag unusual activity anywhere in the cloud. This helps prevent anyone from transferring data outside the organization – not just compromised accounts, but also authorized users who may be acting maliciously or simply sending the wrong file by accident.
NetVisor Cloud Account Security also includes traditional email security services, such as real-time URL filtering, malware sandboxing, and up-to-the-second phishing detection. It’s a full-spectrum solution that no gateway can match. And we’ll be providing it to all our NetVisor customers – another example of the continual improvement we strive for at Net Friends every day. Contact us to see what our NetVisor managed IT service can do for your business.