Loader

Published by Sabir Shaikh on December 19, 2017

Email Security and Privacy at Netcore

We have always taken email security as seriously as we have always taken any problems. Over the years, we became to be one of the fastest-growing Email as a Service platform, by giving the best quality features that drive performance and growth, while also investing as much time and energy on better email security at the same time.

The outbreak of widespread communications surveillance and security issues such as Heartbleed OpenSSL vulnerability, have taken a dig at email security, but, at Netcore, we have devised some significant amount of new security features that would ensure maximum security and growth.

We would also like to address some security-centric philosophy that has guided us from our inception till this day.

Implementing Opportunistic TLS

  • To tighten up the email security, we have enabled opportunistic TLS for all emails sent via Netcore’s platform.
  • Opportunistic TLS ensures every email communication sent is encrypted and secured.
  • TLS protects and secures emails from mass data collection and surveillance typically done over the internet.
  • TLS is fast growing, but some recipient servers don’t support TLS at all, and some may even be misconfigured, which eventually pull us back to an open, unencrypted connection.

One way to verify TLS support for the emails you send, is through Google’s Email encryption transparency report. Encrypted email communication has now become an industry standard for SMTP, and Opportunistic TLS is one method of secure and encrypted communications.

As a quest to ensure maximum security, we are also into strictly requiring TLS in recipient servers if in cases we’ve tested and confirmed its support. What this means to a recipient is that, if a malicious entity tries to break in and compromise the network traffic, then the TLS comes to play and it will be hard to make us fall into a very vulnerable unencrypted connection.

As a measure to maximize security we are currently in need of as many TLS supported outgoing mail. Unfortunately, so many servers don’t support TLS or are incorrectly configured. But as a start, we are in need of a 25% of TLS supportive recipients.

More than Just Encryption

The quest for maximum security never ends at Netcore. We are constantly looking for innovative ways to improve and develop various comprehensive security features and techniques we use for security.

We believe that protecting security means a lot more than guarding and securing emails from potential threats and third-party entities, but also involves safeguarding the sensitive information and encrypted content inside Netcore accounts.

Enabled Account Access Restrictions
Recently, we added the much needed, IP-based API restrictions to increase security. Moreover, we also added, an account security page combined, and two-factor authentication mechanisms to stretch the security and privacy.

The IP-based restrictions show which IP addresses have tried to tamper into the account.

The combination of IP-based API restrictions along with tracking and identifying malicious activities originating from an IP to a very secure two-factor authentication mechanism. Netcore ensures maximum email security.

Flexible API Access
Netcore account passwords and API keys have always been separate to prevent any easy security breach.

To maximize security, we have also provided the liberty of having more than one API keys per account. The keys could also be restricted to the methods it will be used for.

We have also made it easy and flexible to change API keys, update it and monitor it from different parts of your infrastructure.

Timely Alerts and Notifications
To make it easier to detect and react to suspicious account behavior, we have added alerts and rules to swiftly respond to various actions in a more easy way. Netcore has arranged the alert system to notify even the slightest changes to major changes made to password or contact information.

The alert system can be configured to adjust alert volume, bounce rate, more and the alerts could also be sent via SMS alerts.

Account Activity Logs

We enable you to stream an amount of data to track your email activity. Our broad search system allows you to search an activity by various fields like sender, subject, and other fields.

The search could also be used to filter out the API key that has been used to send the message. The inclusion of message content logging will also enable you to go through and search contents with the searchable fields.

The Netcore Way
The most important and core element that drives Netcore, are its security-focused methodology and principles. We believe that security is an ongoing process, and thus, our focused principles and methodologies are deep-rooted in security while ensuring good quality products. We are proud of the products we’ve built while still acknowledging the improvements we should take care of. We are passionate, committed and proud of what we give, and we know our users trust us with their emails by the growing volumes we see through the years.

Sabir Shaikh

Sabir Is Business Head, Transactional Emailing at Netcore Solutions Pvt. Ltd.

You can find me on: