[Announcement] Peripheral Email Security for SkyConnect Upgraded

We are happy to announce the upgrade of the peripheral security for SkyConnect – for Spam and Virus detection in Email.

This upgrade will be automatically available to all our customers.

The new email security system replaces the current one at the Peripheral Email security layer providing a guarantee on performance and reliability covering 5 parameters viz. Spam detection, Virus detection, False positive rate, Availability and Latency.

This upgrade will offer a hands free Spam and Virus experience with cleaner inboxes.

Here is a quick look at the security framework of SkyConnect and how the new upgrade impacts the overall security.

Summary of the SkyConnect Security Framework


Mithi SkyConnect, is built with a multi-layered security framework as outlined below –

Infrastructure Layer:

Hosted on AWS, SkyConnect leverages its certified security framework for securing the infrastructure resources,

VPC/WAF – Access to Compute resources, Storage and Applications is only through a controlled Private network using the Network firewalls built into Amazon VPC, and web application firewall capabilities in AWS WAF

IAM (Identity and Access management) – Provides secure access to operational teams to manage the resource groups.

Hardening – By using best practices for securing the OS, the servers are hardened during deployment, to reduce risks that arise from having a larger surface of vulnerability i.e. a server doing more than it is supposed to do.

 

Data Layer:

Data Storage – The SkyConnect Security framework deploys a tiered data store with strong Encryption, Access Control and Virtual Separation on the information to allow only authorised apps to access relevant data

 

Service Layer:

Authorisation – SkyConnect services are hardened to limit Access to only the required services from trusted networks by using the Access Control module.

Authentication – Users are required to securely authenticate before they can use any service. The authentication is controlled by strong Password Policies, which include minimum length, complexity, history, age etc.

Account Lockout – Services are further protected from DDOS attempts using the account lockout capability, where multiple invalid attempts can result in an automatic account lockout that can be re-opened only through an administrator intervention.

 

Communication Layer:

Encrypted Network traffic – The risk of sniffing and tapping is eliminated by Encrypting the client-server and server to server communication over TLS. Essentially all connections to and from the servers happen over SSL.

 

Application Layer:

Policy control – SkyConnect controls Mail traffic, Information theft and Resource overuse by deploying extensive and granular Mail Flow Policies. It has been observed that a lot of security threats come from an unharnessed mail system, which allows all and sundry to send any kind of mail to anybody (internal or external). It is a good practice to establish a corporate mail policy framework, which prescribes for each user and group of users, what type of mail they can send, and to whom.

DDOS attack control – SkyConnect also comes equipped with an Attack Control mechanism to Detect and Control Internal Spam/DOS attacks. Typically when client PCs get infected with certain types of viruses, they become spam generation agents. SkyConnect deploys throttling and flow rate control mechanisms to disable such attacks before they bring down the system.

Spoof check – SkyConnect will not allow one user to impersonate another user and send a mail. SkyConnect uses the user’s context comprising of trusted IPs, envelop sender id, authentication id, and mime sender id, to confirm authenticity of a user.

Multi-level Role based administration access – The administration console via the GUI is secured with role based access to allow multiple levels of administration (concept of least privileges). Using roles, the super administrator can define granular control over entities, fields/attributes of entities and operations. The same roles apply for operations done via the command line.

 

Peripheral Email Security

Here Mithi deploys a world class email security engine to scan for viruses and spam and quarantines infected mail. Only valid & clean mail are passed into the Inbox of the users. By ensuring hygiene at this layer, SkyConnect ensures that no malware, ransomware, spam, virus etc enter the system.

 

Off site Mail data Security for Recovery, Discovery and Compliance

Beyond this, SkyConnect offers Vaultastic, an archival service to archive a copy of every mail sent and received by all or selected users into a safe read only encrypted cloud archive store, which is guaranteed by 99.9999999999999% of reliability. End users can access their individual read only archive accounts to retrieve their mail or restore their mailboxes.

Ongoing Research – Mithi backend team regularly scans for new found vulnerabilities and publishes customer advisories with patches to mitigate the risks posed by these.

Leave a Reply

Your email address will not be published. Required fields are marked *

*