Forrester Puts Forth New “Now Tech” Report Detailing Enterprise Email Security Providers

August. 16 2020

1:00-2:00AM PST

On July 14, Forrester published its “Now Tech: Enterprise Email Providers, Q3 2020” report, helping individuals and organizations to best understand the differing data security features offered by various vendors. In this report, Forrester selected vendors to include based on market presence and functionality, two key elements for analyzing the enterprise email security market.

Prior to delving into the advantages provided to organizations that enlist the services of enterprise email security providers, analysts Joseph Blankenship and Claire O’Malley posit a definition of the enterprise email security market in this report.:


“Technologies that protect organizations’ email communications in order to mitigate and

lessen the impact of email-borne attacks. These consist of on-premises or cloud-based email gateways and solutions that integrate with cloud-based email infrastructure. Capabilities include antispam, antimalware, antiphishing, data loss prevention (DLP), encryption, phishing education, business email compromise (BEC) and spoofing protection, malicious URL detection, and email authentication.”

Source: Forrester, “Now Tech: Enterprise Email Providers, Q3 2020”

Leveraging Enterprise Email Security Solutions

Enterprise email security vendors provide customers with efficiency and security-boosting advantages, like:

  • Intercepting and blocking phishing attacks - Although a key business function, email can make organizations vulnerable to phishing attacks. To help combat this, enterprise email security vendors supply a slew of antiphishing features.
  • Avoiding costly business email compromise (BEC) attacks - A form of phishing that imitates users, BEC attacks can bring chaos upon business, regardless of their size. DMARC authentication capabilities, BEC protection, and spoofing protection help to prevent these costly attacks.
  • Enhancing security team efficiency - With built-in automation and incident response features, enterprise email security providers can rapidly address security vulnerabilities.
  • Initiating and preserving trusted communications - To avoid encountering spoofed company email addresses, enterprise email security solutions can put a stop to account takeovers, preserving trusted communications.

Four Segments of Enterprise Email Security Functionality

Forrester breaks down functionality into the numerous features popularly supplied by various vendors within the enterprise email security market.

  1. SEG (Secure email gateway) - Positioned in front of either an email infrastructure provider or on-premises email infrastructure, and incorporated into the cloud, hardware, or software, these provide several email security capabilities -- both inbound and outbound.
  2. Email infrastructure provider - Vendors that equip organizations with email infrastructure and APIs and permit enterprise email security providers to supply supplementary security capabilities.
  3. Cloud-native API-enabled email security (CAPES) - Working with email infrastructure providers to bolster native security offerings, CAPES solutions help to provide protection against malicious attacks like phishing. Some CAPES can be incorporated with collaborative tools like Slack or Microsoft Teams for strengthened communication channel security.
  4. Email authentication provider - Vendors that supply authentication services and management, guiding organizations through the implementation and maintenance of DMARC -- protecting against BEC, spoofing, and fraud.

Each of these enterprise email security provider types has their own specific functionality segments. SEGs, for example, have higher functionality in antimalware, malicious URL detection, Data leak protection (DLP), and threat intelligence; they have low functionalities in messaging cloud integration, authentication, and phishing education. Email infrastructure providers offer no phishing education functionality and low authentication functionality. On the other hand, while email authentication solutions lack functionalities like messaging cloud integration, antimalware, encryption, threat intelligence, etc., they supply users with high email cloud integration, authentication, and BEC and spoofing protection functionalities.

While recognizing Trustifi’s vertical market focus as legal, healthcare, and financial services, Forrester identifies Trustifi’s primary functionality segments as Cloud-native API-enabled email security (CAPES). Forrester considers CAPES to have high functionality in terms of email cloud integration and phishing protection -- with additional moderate functionalities such as messaging cloud integration, malicious URL detection, incident response, and BEC and spoofing protection.

Forrester’s Recommendations for Bolstering Email Infrastructure With an Enterprise Email Security Vendor

As more and more organizations make the transition from SEGs and on-premises hardware, the native security features of email infrastructure providers are being supplemented by CAPES and cloud-based email security solutions.

“Security pros know that despite best efforts, malicious emails will inevitably get through, so they need a layered approach that includes both prevention and response measures.”

Source: Forrester, “Now Tech: Enterprise Email Security Providers, Q3 2020”


Forrester recommends that security professionals:

  • Implement DMARC under expert guidance - Although difficult to set up, the advantages of DMARC can make all of the necessary effort worth it. This is due to the fact that DMARC serves as the first layer of defense, stopping BEC and spoofed emails in their tracks. When properly implemented, DMARC ensures that customers, suppliers, and partners exclusively receive authenticated emails.
  • Equip employees with phishing education - Even with the most robust security measures enacted, malicious messages will still find their way into your employees’ inboxes. For this reason, enterprise email security solutions that offer SA&T (security awareness and training), as well as phishing education, can help to train employees to recognize, report, and avoid phishing attempts.
  • Devise a worst-case scenario incident response - In the event that a malicious email finds its way into an individual’s inbox, security teams should be prepared to detect and respond to malware infections, ransomware, and data theft as quickly as possible. Many enterprise email security providers offer assistance to security teams, helping to rapidly recognize and address security emergencies -- sometimes with automated responses.

Accessible to Forrester clients or available to others for purchase, the Now Tech: Enterprise Email Security Providers, Q3 2020 report can be found on their website.

Trustifi: A User-Friendly, Comprehensive Email Security Provider

As a user-friendly and comprehensive email security provider, Trustifi supports a variety of client needs, spanning advanced threat protection, data loss prevention, and encryption. In terms of advanced threat protection, Trustifi supplies detection, prevention, protection, and alerts regarding malware and ransomware viruses, detection of spoofing, phishing, and fraud, as well as options for whitelisting and blacklisting. Moreover, Trustifi’s services provide organizations with heightened security while remaining in 100% compliance with numerous regulations, including HIPAA/HITECH, PII, GDPR, FSA, FINRA, LGPD, and CCPA. And with recipient-side two-factor authentication and real-time certified email delivery and tracking services, Trustifi’s robust data loss prevention tools are only strengthened.

Additionally, Trustifi offers clients NSA-grade end-to-end email encryption equipped with complete inbound and outbound protection. And secure mobile relay makes for comprehensive protection, regardless of the device. Organizations using Trustifi can recall, block, modify, and set expiration times on previously sent and delivered messages. Furthermore, Trustifi’s open API allows for easy incorporation with Gmail, Outlook, and several other email platforms while maintaining consistent functionality for the user. Cost-effective and customizable with all of the convenience of the cloud, Trustifi provides users with unparalleled ease and flexibility.

Try Trustifi Today

For Individuals

Our Free Trial Is Forever Free

For Business

See if Trustifi Is Right for Your Organization