When it comes to email security, relying on humans as the last line of defense is ill-advised. It’s just not realistic to expect users to suddenly change ingrained behaviors at work, such as opening emails and clicking on attachments, without any indication of how much trust they can put inside the email. Instead, a long-term behavioral shift needs to take place in the workplace in order to affect real change.
This thinking is supported by the bellwether of the cybersecurity world - Verizon’s annual Data Breach Investigations Report: “Simulations and training offered by most security education teams do not mimic real-life situations, do not parallel the behaviors that lead to breaches, and are not measured against real attacks the organization receives. This is why it’s important to progress from the traditional security awareness model to that of using behavioral science to change the habits that lead to attack path-breaking action.”
OnINBOX is our inbound security solution, a neat little security analyst that sits inside every inbox pointing out an email’s risk to the reader. It’s a light, cloud-based software that integrates with Google Workspace and Microsoft Office 365 APIs, making this inbound email solution quick and easy to deploy for email clients without needing to install any software.
Traffic light threat indicators in every emailOnINBOX is centered on making the user feel confident when using email, as very often training and simulation-based solutions can unwittingly create a divide between Security and the rest of the organization. Employees sometimes become worried to admit they have clicked on a link they perhaps shouldn’t have, for fear of repercussions. OnINBOX is always there, providing a clear visual heads up as to how to interact, or not, with each email, unlike the training which fades with time.
Ability to report and remediate phishing emails easilyWhen OnINBOX flags a suspicious email, employees can easily report an email from inside the email interface. Traffic light-colored buttons labeled with safe, spam, or phishing facilitate fast decision-making.
Swift remediation for IT adminsResponse teams can then carry out their investigation and take actions such as marking emails as safe, as a threat, or by blocking and deleting them from employees’ inboxes, directly from within their OnINBOX Manager interface.
Feedback function fosters employee engagementIT Security admins are also able to email the reporter to give feedback to those who reported the email on why it was safe or a threat, to request further information, or to educate them. When phishing awareness training is contextualized for the specific emails users reported, it becomes more memorable and meaningful.
We couldn’t just rely on Google’s phishing protection alone as the email content itself is not checked, but with OnINBOX we’ve added contextual notifications only when relevant to remove the burden from end-users.
Red Sift Solution Suites have been developed to address the high priority issues cyber-first organizations face today.
