Cloud-based email services have become popular because of their convenience and potential cost savings. For example, today a new organization can establish a robust email capability in a matter of minutes, without any infrastructure acquisitions and with minimal support costs.
Although some organizations may be reluctant to move their email systems to the cloud because of potential security concerns, other organizations have realized significant security benefits from migrating to a cloud email service. This chapter examines the major security pros and cons of cloud-based email that organizations considering that service should keep in mind.
Pro: Improved content filtering
Perhaps the biggest security benefit of cloud-based enterprise email is the improvement in content filtering -- that is, the identification and blocking or segregating of malware, spam or phishing attempts, and other malicious email content. Because a cloud email provider can observe the email sent out to many organizations, the provider can quickly and readily identify suspicious activity -- such as a spam message sent to several organizations at once -- and prevent delivery, thus blocking that suspicious activity. A cloud email provider is also well positioned to use email blacklisting or reputation services to identify email-sending domains or hosts that should not be trusted. In short, a company that uses a cloud email provider can rest assured that its email is subject to an increased level of scrutiny.
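The cross-organization view described above can be sketched in a few lines. This is an added example, not code from the original article or from any provider; the sample traffic is constructed, and the normalization rules and the `min_orgs` threshold are assumptions chosen for illustration.

```python
import hashlib
import re
from collections import defaultdict
from email import message_from_string
from email.utils import parseaddr

# Constructed sample traffic: (envelope recipient, raw message) pairs as a
# provider's inbound gateway might see them across several customer domains.
SAMPLE_TRAFFIC = [
    ("alice@org-a.example", "From: promo@bulk.example\nSubject: Invoice 1041\n\nYour invoice 1041 is overdue. Pay at http://pay.bulk.example/x?id=1041\n"),
    ("bob@org-b.example", "From: promo@bulk.example\nSubject: Invoice 2207\n\nYour invoice 2207 is overdue.  Pay at http://pay.bulk.example/x?id=2207\n"),
    ("carol@org-c.example", "From: promo@bulk.example\nSubject: Invoice 3310\n\nYour  invoice 3310 is overdue. Pay at http://pay.bulk.example/x?id=3310\n"),
    ("dave@org-a.example", "From: erin@org-b.example\nSubject: Lunch\n\nAre we still on for lunch at noon?\n"),
]

def fingerprint(raw):
    """Hash the body after removing per-recipient variation (digits, URL paths, spacing)."""
    body = message_from_string(raw).get_payload().lower()
    body = re.sub(r"https?://([^/\s]+)\S*", r"url:\1", body)  # keep only the URL host
    body = re.sub(r"\d+", "#", body)                          # mask per-recipient numbers
    body = " ".join(body.split())                             # collapse whitespace
    return hashlib.sha256(body.encode()).hexdigest()

def find_campaigns(traffic, min_orgs=3):
    """Return {fingerprint: sorted recipient domains} for bodies seen at >= min_orgs organizations."""
    seen = defaultdict(set)
    for rcpt, raw in traffic:
        domain = parseaddr(rcpt)[1].rpartition("@")[2].lower()
        seen[fingerprint(raw)].add(domain)
    return {fp: sorted(d) for fp, d in seen.items() if len(d) >= min_orgs}

def quarantine(traffic, min_orgs=3):
    """Recipients whose message belongs to a flagged cross-organization campaign."""
    flagged = find_campaigns(traffic, min_orgs)
    return [rcpt for rcpt, raw in traffic if fingerprint(raw) in flagged]
```

Restricting the same traffic to a single organization's mail yields no campaign, which is the advantage the provider's wider view gives it.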
Con: Exposure of sensitive data
Many organizations have avoided cloud migrations because of concern about the exposure of sensitive data. A cloud provider by default can view the headers and contents of an organization's email, including email between employees that, before being routed through the cloud, didn't necessarily "leave" the organization's boundaries. Email often contains sensitive information, either in the body of messages or in attachments. Organizations, therefore, have serious concerns that this information might be exposed to curious staffers at the cloud provider (or to malware-infected systems or even to other customers who can abuse weak security controls to gain unauthorized access to other organizations' email). A related concern is sensitive email and attachments being stored in cloud servers in other jurisdictions (e.g., countries) where privacy and security laws -- as well as other regulations -- may be significantly different from those in the U.S.
All these concerns can be addressed through specific security controls, such as encrypting all email transport communications (namely, using HTTPS for Web-based email instead of HTTP) or using data loss prevention (DLP) technologies to prevent particularly sensitive data from being transmitted via email. Cloud providers also offer security controls, like email encryption built into their email service. However, users should bear in mind that this particular control only improves security if the cloud provider cannot access the private keys used to encrypt emails. Some cloud providers also offer geolocation guarantees, which are meant to keep sensitive information out of certain geographic regions or legal jurisdictions -- a control worth considering if compliance and legal guidelines must be managed alongside security.
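As an added illustration of the DLP control mentioned above (not code from the original article or any DLP product), the following check inspects both the body and text attachments of an outbound message for payment card numbers before it is handed to the cloud service. The sample message is constructed, and the choice of card numbers as the "particularly sensitive data" and the block/allow verdicts are assumptions.

```python
import re
from email import message_from_string, policy

# Constructed outbound message: an order number in the body (not a card)
# and a card-like number inside a CSV attachment.
SAMPLE = (
    "From: pat@corp.example\nTo: vendor@partner.example\nSubject: Order\n"
    "MIME-Version: 1.0\nContent-Type: multipart/mixed; boundary=XX\n\n"
    "--XX\nContent-Type: text/plain\n\nPlease process order 1234567890123456 today.\n"
    "--XX\nContent-Type: text/csv\nContent-Disposition: attachment; filename=cards.csv\n\n"
    "name,pan\nJ Doe,4111 1111 1111 1111\n--XX--\n"
)

# 13 to 19 digits, optionally separated by single spaces or hyphens.
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")

def luhn_ok(digits):
    """Luhn checksum: filters out order numbers and other random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def find_cards(text):
    """Return digit strings in text that look like card numbers and pass Luhn."""
    hits = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            hits.append(digits)
    return hits

def dlp_verdict(raw):
    """Scan every text part (body and attachments); report masked findings only."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue  # skips the multipart container and binary parts
        where = part.get_filename() or "body"
        for card in find_cards(part.get_content()):
            findings.append((where, "****" + card[-4:]))
    return ("block" if findings else "allow", findings)
```

Findings are masked to the last four digits so the DLP log does not itself become a store of the data it is meant to protect.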
Pro: Increased availability
Organizations often focus on confidentiality and integrity while ignoring availability, but availability is an important security consideration. Cloud-based email systems often have much higher availability than email not based in the cloud because of the inherently reliable and fault-tolerant nature of the cloud. Also, cloud providers may be better positioned to thwart major network-based denial of service (DoS) attacks than a typical organization, further increasing availability.
Con: Lack of security visibility
A common complaint about cloud security, including cloud-based email, is that organizations lack visibility into the security of their data. Customers are dependent upon their cloud providers to not only secure the service, but also to provide visibility into how they secure their services in the first place. Simply trusting the provider is not a sound security strategy for cloud email. Organizations should contractually require that their cloud providers grant them full access to all security logs related to their emails. This is critical for improving incident response, malware handling and other vital security activities, and may be required for security compliance purposes.
Cloud-based email is becoming an increasingly attractive option for enterprises for a variety of reasons, and security teams will be pleased to know that the impetus to improve email security can be one of those reasons. However, like any security decision, cloud-based email comes with its own set of risks. Fortunately, the combination of maturing cloud providers and effective security controls is showing that secure cloud-based email is achievable.