Review: GreatHorn offers a better way to secure enterprise email

GreatHorn takes a modern and highly effective approach to protecting enterprise email that goes well beyond the capabilities of legacy mail scanners.

Email is probably the most ubiquitous technology of the modern office. Businesses and simply could not exist in their current form without it. And this is true regardless of the size of an organization or their specialization. If an enterprise network exists, then there will certainly be an email component.

Criminals know this as well, which is part of the reason email-based attacks are on the rise. From annoying spam to highly specialized phishing efforts that might only target a handful of people in an organization, email is always one of the top jumping-off points for attacks and scams of every stripe. Yet despite this, most organizations still use binary protection methods where an appliance or software tool evaluates incoming mail and simply deletes it or passes it on to users. After that initial decision process, most email protection schemes simply move on without a second glance.

The new email protection platform from GreatHorn takes a different approach, sticking with specific email messages throughout their lifecycle and protecting users even if a previously approved message becomes malicious. It’s different right from the install process too. Instead of existing on an appliance or virtual server, it integrates right into the mail program itself. A mail administrator, working with the GreatHorn staff, can get the program up and running in about ten minutes. Users will see a GreatHorn icon on their email client, but no agents or programs are installed on endpoints.

GreatHorn Bar John Breeden II

Unlike mail appliances or other older protection methods, GreatHorn requires no internal assets and no data ever needs to leave the network. The program integrates with the existing email program. Clients see a GreatHorn button on their email, but nothing is actually installed on endpoints.

We tested GreatHorn in a production environment using an enterprise version of Office 365. It also works with Google’s G Suite and most other enterprise email applications. Once integrated with Office 365, Great Horn basically became part of the enterprise email service. No message is ever redirected out of the network for analysis. And there are no agents and no need to install anything on endpoints.

GreatHorn can work in conjunction with a legacy email gateway, though much of its basic functionality will mirror what most of those appliances do. In other words, GreatHorn removes known bad email such as advertisements for medications or email with attached viruses and malware from the stream, never passing it on to a user. It has a much deeper engine than most appliances and will likely catch things that they won’t, but you can use it in conjunction with other mail protections and it does not harm the functionality at all. GreatHorn will simply examine and monitor whatever mail the legacy appliance passes to it.

Where GreatHorn shines is in that grey area where an email doesn’t have enough bad traits, like an attached piece of malware, to label it as completely malicious, but shouldn't be fully trusted either. One of the things it looks for is email that comes from .net or .cn when the company’s top level domain is actually .com. Registering a similar domain in order to impersonate company officials is something advanced email phishers do. Or, attackers might reverse a couple letters or add a character and hope nobody notices.

To continue reading this article register now

FREE Download: Get the Spring 2019 digital issue of CSO magazine today!