Eggs-cellent Email: How Cooking with Eggs Showcases the Promise & Peril of Email Security
by Jeremy Fuchs, Content Marketing Specialist for Harmony Email & Collaboration, Check Point Software Technologies
I’m not much of a chef, but I can do some cool things with eggs. Omelettes? Check. Scrambled? You got it. Eggs are a staple of my diet and go with pretty much anything.
I’ve spent almost four years in the world of email security, working first with Avanan and then transitioning over to Check Point when the startup was acquired in 2021. And in that time, I’ve spent many hours thinking about the different modes of email security and why some work better than others.
Why is email security so important? A new report from Check Point Research found that 92% of all attacks start with email. Phishing is the number one access point, and hackers have gotten clever at exploiting it. In fact, we’ve found that 18% of malicious emails bypassed Microsoft and landed in inboxes. Think about it. Out of every 100 emails, that’s nearly 20 that will reach users and potentially lead to a compromise.
That’s too much of a risk. You need more security.
So, you’re asking, how the heck do eggs and email security go together? Let me explain.
Imagine you’re about to make a three-egg omelette. The first step is to crack the eggs. Sure, they look fine in the carton, but you can’t really be sure what’s inside until you crack it. So you crack the first one. Into the bowl, it goes and smells and looks normal. The second one—into the bowl and looks and smells normal. Almost there. Now, the third one. And just as it hits the bowl, the smell hits your nose, and you’re in trouble. Now what?
Well, you can remove the egg from the bowl as soon as you notice. But it’s already co-mingled with the other eggs. The bacteria has spread—the damage has already been done, and you’re omelette has been compromised.
This is, believe it or not, how email security can work. Think of it like this: In some systems, all emails hit the bowl—or inbox—no matter what. The email could be good, or it could be bad, but it hits the inbox. The idea of these security systems is that they can remove the offending email before any damage is done.
But just like removing an egg—or if you really want to try something difficult, removing a piece of an eggshell—the offending act has already happened. The malicious email has entered the inbox and has entered your environment. You could pull it out, but something bad has already happened.
Like all of us, we wish there were a better way when it comes to email security and egg-making. What if you could actually look inside the egg before you open it? See and smell what’s going on under the shell and know if it’s safe to open or not? That would save a lot of time and frustration.
That’s how an email security solution like Avanan works. It scans the email before it reaches the inbox. You can open the email and know that it’s good. It’s like a scanner, looking at all the email properties to understand if it’s good or bad. We’re like a magical egg investigator, looking under the shell to see what’s really going on. That way, when it’s time to open the email, you know you’re good to go.
You may be asking—isn’t that what default security and secure gateways do? Yes, kind of. Think of these services like this: looking at the egg at the grocery store. You’ll see imperfections or early cracks right away, but getting under the surface is impossible.
What email security solutions do is look at what they’ve missed and stop what they haven’t. It looks at the most difficult-to-spot things and stops them there.
When you open an email, you need to be sure that you’re not going to cause any damage to your organisation or yourself. You need to have confidence that the email you opening is safe, so you can respond to it and not worry about anything else.
You need to be sure that when you bite into the omelette, you’re not going to choke on a piece of shell.
I came to email security as an outsider. I was a sportswriter for five years before this crazy transition. So, I came into the field without preconceived notions of what works and what doesn’t. I can only base it on what I’ve seen from my unique perspective. And as a former sportswriter who dabbles with egg cookery, to me, it’s clear: you want to inspect something—eggs, emails, anything—before you engage.