Email Delivery: How to Break All the Rules of Zero Trust

Szilárd Pfeiffer, Security Engineer & Evangelist, Balasys
May 16, 2023

92% of malware spreads through the email system. This is not a surprise if we consider that the email delivery system breaks almost all the rules defined in Zero Trust. Even though there are several ways to apply security policies to email transfer, these methods are not nearly as widely declared and enforced as they should be. In this article, I’ll describe how an organization should transform its email delivery to ensure it conforms to the Zero Trust model.

Email has remained the most essential and the most overused communication method throughout its 40-year history, and still forms the basis of countless business processes. However, the fact that it uses one of the oldest and least securely designed communication protocols makes it the most exploitable and vulnerable area of the internet. The existence of phishing, spoofing, and other fraud techniques has demonstrated that the email system can be the weakest point of even a Zero Trust network and offers a path for attackers to introduce malware into a corporation. Why is this so? The issue is largely due to a lack of adherence to the Zero Trust principles.

Email is the Zero Trust Antipattern

Zero Trust principles state that you should handle everything as a resource, handle them equally, communicate securely, authenticate access, and provide only least-privilege access. In general, nobody would grant access to a corporate resource from the internet without robust authentication....
