What Is a Secure Email Gateway (SEG)?

An email gateway is a type of email server that protects an organisations or users internal email servers. This server acts as a gateway through which every incoming and outgoing email passes through. A Secure Email Gateway (SEG) is a device or software used for email monitoring that are being sent and received. Email gateway protection is designed to prevent unwanted email and deliver good email. Messages that are unwanted include spam, phishing attacks, malware or fraudulent content. Outgoing messages can be analysed to prevent sensitive data from leaving the organisation or to automatically encrypt emails that contain sensitive information. SEG functionality can be deployed as a cloud service, or as an on-premises appliance, depending on requirements.

While it may seem cost-effective to use secure email gateways that are free or to use publicly available software, there are downsides. This practice will likely result in unwanted or malicious emails making their way to user inboxes.

Free security software and services are often not updated fast enough to stop new threats. Attackers and spammers change their tactics quickly, so email security gateways that cannot keep up will be ineffective. Also, using software that is easy to obtain often means that attackers who want to get malicious emails to their victims will test their emails to make sure that they are not detected.

Saving money by implementing free email security could be costly if an attack against an organisation is successful.

Organisations may choose to deploy a secure email gateway (SEG) on premises—using either an appliance or a virtual appliance—or in the cloud. The choice will depend on whether the company is using a cloud-based email service, such as Microsoft Office 365 or an on-premises email server, such as Exchange. It also depends on whether an organisation wants to migrate services to the cloud and its comfort level with services and data existing outside the boundary of its own network.

Organisations that deploy on-premises appliances or software to protect email are responsible for purchasing and maintaining their hardware. They are also responsible for updating the software and for connectivity to the email servers. Companies that deploy a secure email gateway as a cloud service do not have to be responsible for any of those. Instead, the security vendor has to maintain service availability.

Another benefit of utilising a cloud service to deploy a secure email gateway is scalability. If there are spikes in email traffic or an increase in the number of users, a cloud service can quickly scale to maintain performance.

Many email security gateways might sound like they have the same or similar capabilities, but that is not necessarily true. Email security solutions have different functionality, so it is important to choose one that matches requirements.

Things to consider when selecting a secure email gateway are:

• Deployment Options. Whether an organisation wants to deploy email security as a cloud service or on-premises can be a major factor in choosing the right solution.
• Spam Effectiveness. As one of the main features of a secure email gateway, organisations should review email archiving solution comparisons of vendors using real-world email traffic.
• Malware Effectiveness. Another core ability of an email security solution is the ability to quickly and accurately detect and block malware using active analysis or URLs and attachments.
• Threat Intelligence. Tied to the ability to detect and block malware, threat intelligence can help administrators understand how they are being attacked, what tactics are being used and even which group is targeting them. It can also uncover which users are being attacked the most.
• Outbound Content Control. Analysing email leaving an organisation to prevent sensitive data from leaving or automatically using encryption to enforce security policy.
• Response Capabilities. If an email makes it to a user inbox and is subsequently found to be malicious, the ability to automatically locate and remove those emails will prevent subsequent infection.