Fifteen years ago, Gmail was launched by Google. The web-based service now has 1.5 billion users a month. In addition to being the extremely popular personal email service, Gmail is also a key component of G Suite for organizations.
One of the many reasons of Gmail’s popularity is its security. Google makes use of multiple antivirus engines to help identify malware that may be missed by antivirus signatures. Authentication features, like 2-step verification and single sign-on, and email security policies like secure transport (TLS) enforcement are also being offered within Gmail/G suite.
There’s another aspect of security that is evolving and hard to detect. Business Email Compromise (BEC) and unknown malware/zero-days are top threats threatening email users globally. The baseline security included with G Suite is designed to protect against known malware, which only accounts for 5 percent of malware. It is crucial to consider third-party tools to protect your organization from the other 95 percent of malware and other types of email threats.
Trend Micro Cloud App Security now protects Gmail within G Suite, in addition to Google Drive. It is an API-based service protecting Gmail, Microsoft® Office 365™ Exchange™ Online and other cloud file sharing services. Using multiple advanced threat protection techniques, it acts as a second layer of protection after emails and files have passed through G Suite/Office 365 scanning. In 2018, Cloud App Security caught 8.9 million high-risk email threats missed by Office 365 security.
Trend Micro Cloud App Security protects Gmail from three types of threats:
1. Unknown malware/zero-days: G Suite/Gmail uses antivirus engines to detect known malware.
As the second layer of filtering, Trend Micro Cloud App Security catches unknown malware using multiple advanced techniques (e.g. machine learning-based anti-malware, document exploit detection, and behavioral analysis using sandboxes). In fact, Trend Micro’s sandbox technology has been recommended by NSS Labs 5 years in a row.
2. BEC attacks: The most common type of BEC attack is CEO fraud – an email impersonating the CEO asks an employee to conduct a wire transfer, usually to a bank account overseas. BEC attacks are difficult to detect as cyber criminals use social engineering to trick users, and no attachment or malicious URL is in the email. Gmail protects against inbound emails spoofing your domain, which is a common tactic used by BEC messages. After the email passes Google’s scanning, Trend Micro Cloud App Security would use artificial intelligence to stop email fraud, and conduct unique authorship analysis by checking the writing style of the high profile users. The simple but hard to catch BEC attacks require multi-layered defense for the best protection.
3. Threats already exist in your organization: For threats that have passed through an organization’s security measures, it’s critical to have the capability to perform discovery and remediation. Trend Micro Cloud App Security offers a unique manual scan capability allowing admins to scan and protect Gmail mailboxes and Google Drive on-demand. The manual scan capability is available on Drive now and will be available on Gmail in July, 2019.
Trend Micro Cloud App Security is the easy solution which deploys in minutes, requires no MX record routing, and is transparent to users. Get a free trial now to see how many threats are passing your G suite environment.