Subscribe
Share
Share
Embed
Billions & Billions of eyeballs, six continents, 10k+ servers, and plenty of lessons learned over 2+ decades in IT. If you're looking for quick tips on optimizing tech, managing suppliers, and growing a business, 20 Minutes Max is the space for you.
Join me as I talk about things that come up during my day and share insights on taking your business to the next level. In less than 20 minutes, you'll walk away with actionable advice and strategies for success. Take advantage of this valuable resource for CEOs, CFOs, and business leader.
Hey. I'm Max Clark. Let's talk about Beck. No. This is not some, like like, dog vomit thing.
Speaker 1:Business email compromise, BEC. Yes. It's a terrible terminology. I didn't create it. You just gotta go with me on this one because, you know, this is just what we have to call it at this point.
Speaker 1:Business email compromise or Beck. And business email compromise is a huge threat vector. It's a huge thing that happens basically when you think about, like, most ransomware attacks, most vulnerabilities, most most phishing. I mean, the phishing, it's all it's almost always email, and it's email compromise or Beck. Beck.
Speaker 1:It's like a Beck. Beck. That's it. That's it. There you go.
Speaker 1:We gotta have some fun with this stuff. You know? I'm sorry. Anyways, big misnomer that comes is, hey. I'm on a cloud email platform.
Speaker 1:Like, I'm safe. They're protecting me. Right? I've got Google Workspace. I've got Microsoft 365, and so I can't have this stuff.
Speaker 1:And guess what? That is not true. Like, there's a reason why there is a thriving industry of companies offering, another one, Seg, secure email gateway platforms that overlay on top of Google Workspace and Microsoft 365. By the way, quick aside, there's a few different ways of running these things. You can run-inbound, so, like, through an MX record.
Speaker 1:So instead of the mail going to your mail platform, the MX record, which is the DNS entry, it's that tells the Internet where to send email to you. Instead of it going direct, it goes to this other platform here, and then that platform can do what it is and go in. That's great. That will help you with your inbound email. It doesn't give you any lateral.
Speaker 1:It doesn't give you impersonation detection and and and prevention. They're cheaper to deploy because they also don't require you to have an enterprise seat license on 365 or Workspace. If you wanna have API connectivity with these platforms, you need usually go up to an enterprise seat license. This is required once you cross 300 seats. Seat number 300 puts you in enterprise license.
Speaker 1:You can upgrade to an enterprise seat at any point. We see a lot of enterprises somewhere in that's, like, 100, 200 range usually want these other features that you get with the enterprise seat license, and they'll upgrade anyways somewhere in that tier. If you're 25 users, you probably don't have it. It's gonna change what technology you can get. This is just like a long sidebar conversation we're having right now.
Speaker 1:If you're already over 300 seats, you can get the the the full whizbang with the impersonation and everything else. We should actually share this slide. I don't think I have any this is an email. It comes from one of these security email gateway systems. And, you know, May 2024.
Speaker 1:This is a platform running in journaling mode with, API connectivity into Google Workspace. This is a 400 seat environment ish. You know, there's there's, like, floats up and down. And this is stuff that Google Workspace did not detect. So this is above and beyond what Google did.
Speaker 1:You know? Google probably blocked, like, 4,000,000 things in this in the span of a month. Not putting shade on Google here. They probably block, like, 4,000,000 things. This platform detected and blocked another 45,000 things.
Speaker 1:Flat out rejections, flat out spam. But here's where this gets really interesting. Right? Impersonation attacks, people trying to pretend like they're other that they're not who they are. Right?
Speaker 1:Trying to pretend that they're the CFO, the CEO, like, whatever it is, you know, to do horrible things, malware, you know, links clicked by employees that, you know, maybe there was something that went through. And then later, it was determined, like, this is a bad site, it's a bad URL, it's bad whatever, attachments that were bad that we we figured out as well. So there's a reason why security mail gateways are now being required by cyber insurance companies because they know, you know, the the native platform isn't cutting it, and you need something above and beyond what the native platform is giving you. By the way, if you're on an e five license, you can get Defender for, you know, the the Microsoft sells an additional service option available to you for your 365 email to give you this functionality in addition to going to, you know, any one of a, call it, half a dozen really good companies that focus in the space. Names that you know, names that we have in our portfolio, you know, names that our clients use.
Speaker 1:Like, you know, at some point, you know, yeah, you can call me. We can argue about, you know, a versus b versus a lot of different things. We can nerd out about it, but that's not point here. The point here is is this is email compromise. If you're watching this and you don't have I mean, the the acronyms are so bad.
Speaker 1:If you're watching this, you don't have a SAG system. If you don't have a secure email gateway platform, your cyber insurance is gonna require it. It's gonna ask you about it, And saying that we're running Google Workspace does not count anymore. And if you don't have it, you're gonna wanna run this. It's not expensive on a per seat basis.
Speaker 1:You're not adding a lot of load to your IT budget. This is not a lot of overhead. The protection that you get out of these platforms is fantastic. By the way, some will give you will integrate and give you security awareness training with the platform as well. So you can get a 2 for out of them if you want, or, you know, you can you can use a different company for your SAT as your seg to protect against back.
Speaker 1:It's so absurd. Anyways, comment below if you have any questions. Give me a call. Happy to chat about it. Happy to talk.
Speaker 1:Happy, if nothing else, just to laugh about the absurdity of acronyms in the cybersecurity tech space. And, you know, this is how you protect your, you know, protect against Beck with a seg. I'm Max Clark. Hope this helps.