While outsourcing email is right for many, if not most, enterprises, it’s not enough to ensure both inbound and especially outbound email is secure. For example, outsourcing email would not prevent this from happening:
“Dear [FirstName] [LastName],” the email reads, “Click here to register for the AcmeCorp holiday party. Don’t forget to RSVP!”
You check the return email address: [email protected]. Not the usual corporate domain, AcmeCorp.com. Looks phishy. You forward it to your security department and wonder who clicked on the RSVP link.