No wonder that email is an essential repository of sensitive content, the key to countless accounts, and the primary method used to initiate an advanced attack for obtaining valuable company data and spreading malware. And, especially, when attackers have multiple ways in, blocking messages is no longer enough.
Material Security was founded in 2017 by a group of technologists who previously worked for Dropbox, with a goal in mind to build security that works and works simply. The company has built a SaaS product that protects email accounts even after they’re compromised. The three key features that I like the most are the following:
1. Protect sensitive content in mailboxes
Email is a repository of most of our sensitive information. How do you protect them from bad actors who have somehow got into your email account?
Well, what if I tell you a creative idea that Material has put in place is it can protect critical data by finding and redacting sensitive content in email archives and brings it back when you need it, after a simple verification step.
2. Stop lateral account takeover via email
In my opinion, the biggest problem with email is that most of our online accounts are generated using an email id for many reasons. What if your email gets compromised one day? If it happens, the attacker can reset the password of those online accounts and misuse them.
Material keeps connected accounts safe by adding a simple authentication step to access password resets and other verification messages.
3. Protect against messages that get through blockers
More than 90% of successful hacks and data breaches start with phishing scams. Phishing is a threat to every organization across the globe. However, the solution that many experts suggest is to train your employees, and teach them how to spot a phishing email. That said, I think phishing training is an incomplete best practice: while one user reports an attack, others fall for it.
What Material does is as soon as it gets a single report from any employee, it instantly protects the entire organization without the delay or operational pain of a security review. Quite a neat idea, isn’t it?
Apart from the visibility and control, it can also be deployed via Office 365 and G Suite APIs.
Visuals credits: https://material.security/