Proofpoint review and alternatives

Proofpoint is a Software-as-a-Service platform that offers a range of systems to prevent stolen or tampered with data. As many attacks get into target systems through emails, Proofpoint has put a lot of work into creating a comprehensive email monitoring system. The service can scan social media platforms for potential hazards as well.

Businesses are targets for con artists who want to trick employees into giving them away so they can steal money and valuable assets. One of the most common assets that hackers aim for is the data held on the system. They are particularly interested in the personally identifiable information (PII) that companies hold on private individuals.

The value of PII is that it facilitates identity theft. Victims can have all their money stolen and even end up heavily in debt for loans taken out by tricksters using their identity. Identity theft can be devastating and can take years to recover from. All too often, the scammers are untraceable or untouchable in a faraway country. The only solution to this category of crime is to prevent it from happening.

In recent years, governments have started to crack down on identity theft. But, in reality, there is very little that law enforcement can do to catch these criminals who operate internationally. Without the risk of being caught and sent to jail, there is no disincentive to practicing email scams and identity theft.

Identity theft could grow exponentially. A cybercrime operation has minimal setup costs and, being a crime committed from a distance, seems almost victimless. To the thief, the victims are not people, just names and account numbers.

Businesses that hold PII weren’t all that interested in going to any expense to protect it. Full data security systems are expensive to run, and security checks can discourage customers. So preventing data loss was an activity that created a lot of expense without any reward of profit.

The casual attitude of many businesses towards data theft has been drastically corrected by legislation that makes companies financially responsible for the damage that identity theft causes to the individuals whose PII gets stolen. This change in the legal landscape has altered the calculations over whether data loss prevention is worth the cost. Now, the fines and legal action triggered by a data loss event can ruin a business.

The Proofpoint package provides all of the tools that a business that holds PII needs to prevent data theft. An email scanning system removes phishing attempts and malware, a data loss prevention service blocks outgoing data movements, and a threat detection system spots hackers and insider threats.

Proofpoint also includes risk management and compliance assessment systems. The service can identify your stores of sensitive data and protect them. The definition of what is regarded as sensitive data depends on the location and sector of your business because you need to coordinate your data protection systems with legal and standards requirements.

About Proofpoint

Proofpoint Inc. was started up in 2002. The company’s founder, Eric Hahn, had previously been the CTO of Netscape Communications. From the very beginning, Proofpoint has developed cyber security systems with integrated AI processes. The company was venture-funded and expanded rapidly. Proofpoint went public in 2012 and achieved an annual turnover of over $1 billion in 2020.

The company’s success attracted a lot of attention in the corporate world. As a result, IT equity firm Thoma Bravo bought the business in April 2021 for a cash offer of $12.3 billion. Today the company, based in Sunnyvale, California, has offices worldwide and more than 3,600 employees.

By focusing on the data security needs of businesses as the legal requirements over PII evolved, Proofpoint has established a very successful lead in its chosen market. While data protection is a growing market, Proofpoint will always face new competitors. However, the business has the resources to outgun smaller, newer technology-driven companies in terms of research. In addition, the company’s use of cutting-edge technology from its inception means that Proofpoint has the right corporate mindset to continue innovative development and keep ahead of the competition.

Proofpoint modules

The first product of Proofpoint was a spam filter. The company has expanded its email protection services to a complete security system covering all aspects of both incoming and outgoing email threats. In addition, the company has expanded out from that base to add data protection services on networks and Cloud servers.

The areas of operation of the Proofpoint system are:

  • Email Security and Protection
  • Advanced Threat Protection
  • Cloud Security
  • Compliance and Archiving
  • Information Protection
  • Digital Risk Protection

Proofpoint also offers end-user training packages to communicate best practices when dealing with PII n the workplace. There are also several managed options available, including Managed Email Security, Managed Service for Information Protection, and Insider Threat Management Services.

Email Security and Protection

Email systems are now routinely abused, and without a spam filter, every one of us would have to comb through useless and irrelevant messages to get to the actual emails that relate to business. Proofpoint started with its spam filter, and that critical service is still in the Proofpoint package. Now, the Proofpoint system can also spot phishing attempts that include fake email addresses (spoofing), links to fake websites that reap login credentials, and even emails that impersonate senior management passing instructions to employees.

Proofpoint has also added malware scanning and sandboxing for attachments to its email security system. This is an effective defense against ransomware and Trojans. In addition, the Proofpoint system grabs emails as they enter into the network, so there is no worry that users might download an infected file and damage the computer that it hits.

Advanced Threat Protection

This module addresses advanced persistent threats (APTs). In the APT scenario, a hacker gets access to the network and uses various tools to move around the system and discover new device credentials. Edge services can’t guard against APTs because they don’t look around the network for anomalous behavior. The Advanced Threat Protection module of Proofpoint adds endpoint agents to the monitoring suite.

The endpoint agents upload activity data to the Proofpoint server. This gives Proofpoint monitoring locations all around the network. By searching through that information, Proofpoint can identify suspicious movements around the system that don’t correlate to the business activities of typical users in the company.

Cloud Security

If you use Microsoft 365, all of your workers access the Microsoft servers with separate accounts and access a range of SaaS services, such as Word and Excel. Those accounts can take a lot of management, and the more accounts you have there, the more likely it is that the credentials will be stolen. Add in all of the other SaaS platforms your business subscribes to, and you’ve got a headache.

The Cloud Security module of Proofpoint deals with security issues that arise when using SaaS packages. The Proofpoint system identifies all of the accounts and ranks them with a score that marks out different levels of security requirements. For example, HR Department staff would expect regular access to employee data; however, warehouse staff should not. In this case, you need to ensure that only those employees who need access to PII get and that their actions are more closely monitored than those who have no specialist access.

Compliance and Archiving

Data privacy standards demand that specific types of data be protected. However, the first step in complying with a standard is to understand the kind of data it relates to. The next step is to locate stores of that type of data on your system. These two tasks are the main focus of the Compliance part of the Compliance and Archiving module of the Proofpoint platform. Once the eDiscovery service has located and logged all instances of the relevant sensitive data type, usage monitoring, and protection processes can begin.

A significant requirement of data privacy standards is that all actions relating to the sensitive data stores are logged and that those logs are made available for compliance auditing. This is the responsibility of the Archiving part of this module.

Information Protection

The Information Protection module is a data loss prevention (DLP) system. This brings in the email monitoring services of Proofpoint, but this time, it is outgoing emails subject to searches. Other parts of the system monitored as part of the DLP are social media activity, collaboration systems, and file-sharing facilities.

Moving in from the edge, the Information Protection system examines all activity related to the registered stores of sensitive data. In addition, this module looks for unusual user activity related to sensitive data. Actions that stand out to this monitor could indicate an account takeover or an insider threat.

Digital Risk Protection

The Digital Risk Protection unit available from Proofpoint is a reputation management and threat intelligence service. The service requires a lot of manual data analysis as well as automated data scraping.

The service gathers information from the Dark Web, scouring for information relating to stolen credentials. This information goes to the Proofpoint central server, which can be mined by each account implementation looking for compromises related to that business’s identities. With information about the release of such data, your security team can take preventative action and close down those compromised accounts.

The Digital Risk Protection service also gives you indicators of new attack strategies that are likely to hit your business so you can harden your security before your business is attacked.

Proofpoint prices

Proofpoint doesn’t publish its price list. However, the company does offer a 30-day free trial of its SaaS platform’s services, so that is the best place to start on your buyer’s journey.

Proofpoint strengths and weaknesses

Proofpoint is an impressive package that offers a complete protection service for corporate data. However, as the company expanded this package, it also reconfigured its delivery. The service was initially provided pre-loaded onto a network appliance. The system was then moved to a virtual appliance and is now a cloud-based SaaS service. We have identified some good points and bad points about the Proofpoint service.

Pros:

  • Includes email protection systems, filtering out spam and identifying scams
  • Offers sensitive data discovery and data standards compliance management
  • Implements insider threat and account takeover detection
  • Covers compliance auditing requirements
  • Blocks data theft

Cons:

  • On-site option no longer available

Proofpoint alternatives

Proofpoint has excellence in email protection, and it has expanded its platform into data loss prevention. The Proofpoint platform is pretty hard to beat. However, it is always good to investigate a few alternatives before investing in a new security system.

Here is our list of the four best Proofpoint alternatives:

  1. Mimecast Email Security This service is a close competitor to Proofpoint because its base plan provides email scanning, spam filtering, and phishing detection. Two higher plans add on data loss prevention and threat detection. The top plan also offers reputation management and threat intelligence. Mimecast also provides a package called Cyber Resilience, which includes all of the services of the Email Security Package plus compliance management and business continuity services. Mimecast is a SaaS platform.
  2. N-able Mail Assure This is an email proxy server that processes all incoming and outgoing emails. Incoming emails are filtered for spam and scanned for phishing attacks. Email scans also look for malware. Outgoing emails are scanned for data leaks, creating a data loss prevention service. This system includes AI processes for activity baselining and abnormal behavior detection. Access a 30-day free trial of N-able Mail Assure.
  3. TrendMicro Smart Protection Suite This is a SaaS package of TrendMicro tools that includes three plan levels. Choose how many tools you want to have in your bundle with the top edition, including email protection, data loss prevention, and anti-malware. Get a 30-day free trial of a Smart Protection Suite.
  4. Rapid7 InsightIDR This SIEM also implements data loss prevention from a cloud platform but with on-device agents. The threats that InsightIDR scans for include phishing attempts in emails. The Insight platform offers a range of modules that can be slotted together. The service can monitor multiple sites as one system and also include cloud resources. You can get a 30-day free trial of InsightIDR.