Email security refers collectively to the prediction, prevention, detection and response framework used to provide attack protection and access protection for email. Email security spans gateways, email systems, user behavior, content security, and various supporting processes, services and adjacent security architecture. Effective email security requires not only the selection of the correct products, with the required capabilities and configurations, but also having the right operational procedures in place.
Gartner defines security service edge (SSE) as a solution that secures access to the web, cloud services and private applications regardless of the location of the user or the device they are using or where that application is hosted. SSE protects users from malicious and inappropriate content on the web and provides enhanced security and visibility for the SaaS and private applications accessed by end users. Security service edge provides a primarily cloud-delivered solution to control access from end users and edge devices to applications (private or delivered via SaaS) as well as websites (and to a lesser extent general internet traffic). It enables a hybrid workforce more efficiently than traditional on-premises solutions. Capabilities integrated across multiple traffic types and destinations allow a more seamless experience for both users and admins while maintaining a consistent security stance.
Gartner defines user authentication as the journey-time process that provides credence in a claim to an identity established for a person for access to digital assets. User authentication is delivered by some combination of (a) an authenticator, (b) signals evaluation and (c) an authentication decision point, which may be from different vendors. User authentication is used to provide credence in an identity claim for a person already known to an organization. The credence must be sufficient to bring account takeover (ATO) risks within the organization’s risk tolerance. User authentication is foundational to and protects the value of other functions with an organization’s identity fabric, namely: runtime authorization, especially segregation of duties (SOD); audit (individual accountability); and identity analytics.