Most organizations already deploy information security technologies, but these are still often centered on “traditional” controls such as endpoint antivirus, network firewalls, intrusion detection and prevention systems, and basic email and web filtering. While these tools remain important, they were largely designed for a threat landscape that is now significantly outdated.
Today’s threat environment has evolved considerably. Ransomware, phishing campaigns, and advanced persistent threats are increasingly common, and many are engineered to bypass legacy defenses. Malicious payloads are frequently embedded within seemingly legitimate documents or files, then delivered directly to end users. Once opened, these files can silently execute code and initiate compromise, often without immediate detection by signature-based security tools.
At the same time, regulatory and compliance requirements have expanded the scope of organizational responsibility. Frameworks such as the Payment Card Industry Data Security Standard (PCI DSS) and the General Data Protection Regulation (GDPR) require stronger governance over sensitive data, access control, and breach prevention. Importantly, these obligations are not limited to EU-based organizations; any organization processing EU citizen data may fall within scope and face significant penalties for non-compliance.
As a result, organizations are under pressure to strengthen their security posture without disrupting existing investments. A full “rip-and-replace” approach is often impractical, both financially and operationally. Instead, many are adopting strategies that enhance current infrastructure with additional layers of protection.
Fortra Email Security is designed to support this approach by integrating with existing email environments and extending their capabilities. Rather than replacing established systems, it adds advanced threat detection for malicious attachments and links, alongside data loss prevention controls to help identify and reduce the risk of sensitive information being improperly shared. This layered model allows organizations to improve protection against modern threats while maintaining continuity with their existing security stack.
Advanced Information-Borne Threats
Cyber-attacks are hard to spot when they are embedded in innocuous-looking documents, which can be distributed through many different communication channels. This might be malware targeted at specific individuals in a business; for example, a CV sent to the HR department, or an invoice sent to the finance department. Other information loss risks include a simple cut-and-paste error from one document to another, which results in confidential information being shared with unauthorized individuals, or sensitive information in the form of document metadata and revision history being inadvertently leaked outside the organization. This data can be harvested by cybercriminals and used to create targeted phishing attacks.
Deep Content Inspection and Consistency
Fortra has spent more than 20 years developing its deep content inspection (DCI) technology, which takes documents and breaks them into their constituent parts. For example, this might be an email with a zip file attachment. Inside the zip may be a number of documents, and the documents may have further embedded documents. DCI continuously decomposes the items until there are only single items left. The DCI engine can then continue its inspection at the information level; for example, to find a credit card number or other confidential information.
Fortra applies a consistent approach to data security by using the same DCI capabilities across its product portfolio, all governed by a unified policy engine. This consistency is critical in security environments, where gaps or inconsistencies between tools can create exploitable weak points for attackers.
While the underlying policy framework remains the same across solutions, the enforcement actions can differ depending on context. Security decisions are not static; they are driven by how, where, and by whom data is being used or transferred.
Context typically includes the originator of the data, the intended recipient, and the communication channel involved. For example, the same document may be treated differently depending on its movement: an email attachment might be automatically encrypted, uploading the file to a web service could trigger redaction of sensitive content, and an attempt to copy it to a USB device might be blocked entirely.
These controls can also be refined based on user roles and associated risk levels. For instance, a senior executive such as a CEO may be granted broader flexibility in certain workflows, while users in highly sensitive functions like finance or HR may be subject to stricter enforcement policies. This role-based context allows organizations to balance security with operational practicality, ensuring protection is both consistent and appropriately adaptive.
Adaptive Redaction
Adaptive Redaction (AR) was designed to address modern, information-borne threats that traditional security tools often struggle to handle, as well as a core limitation found in many conventional Data Loss Prevention (DLP) solutions.
Rather than simply blocking or allowing content, AR works alongside the deep content inspection (DCI) engine to intelligently modify sensitive information within documents. This includes email messages, Microsoft Office and OpenOffice files, HTML content, web pages, and PDFs. By selectively redacting or altering sensitive elements, AR ensures that security policies are upheld while still allowing the underlying communication to proceed.
This approach helps organizations reduce the risk of data exposure without unnecessarily disrupting business workflows or preventing legitimate information sharing.
There are three components to AR:
Deep content inspection can occur at all levels of embedded documents ensuring that critical information is protected at all times.
The false positive is a problem in traditional DLP solutions, whereby an overzealous (or inaccurate) policy stops communication from flowing when it is in fact legitimate. The result is that while the information may have been protected, the blocked communication stops business. This causes frustration across the organization: for the sender, who thinks their communication has gone when it hasn’t; for the IT or other department that needs to deal with the blocked communication and rewrite the policy; and for the recipient, who was expecting something which hasn’t been delivered.
Adaptive Redaction, specifically the data redaction component, will remove that piece of the document but leave the rest to continue on. Furthermore, if there is a need for the original document to be sent on, then a very simple mechanism is used whereby the sender’s manager (and/or a specific department or group) can authorize the release and sending of the original. This adaptive approach to DLP reduces the operational overheads which would otherwise occur. Distributed operations and ease of use are key to Fortra Email Security solutions.
Augmenting an Existing Email Security System
Email remains the most used business tool for organizations of all sizes and across all verticals, vital for both internal and external collaboration. However, it has also become the most significant threat vector for social engineering and the delivery of ransomware.
Most organizations have an email security gateway appliance, where anti-virus and anti-spam technology is deployed to protect users. While these technologies are still relevant, there is now a need for further protection to be deployed.
Fortra Secure Email Gateway enables existing IT security to deploy the latest state-of-the-art email security technology to augment any existing solutions. A set of default policies is provided to protect against the most common threats at your perimeter:
- Removes active content from email and documents. Protects against malware and ransomware.
- Removes document properties, revision history, and fast save data. Protects against information harvesting that can be used for targeted phishing.
- Removes credit card details. This example of data redaction mitigates the risk of PCI DSS non-compliance.
The default policies can be customized to cover organization specifics. Fortra policies are direction-agnostic, so can be applied in either direction. For example, data redaction can be used to remove credit card information to prevent it entering an organization, as well as prevent it from leaking out. This is useful if the email system is not PCI DSS-compliant. Similarly, structural sanitization can be used to remove active content as it leaves the organization. One example of this is with financial institutions where macros in spreadsheets are part of their Intellectual Property (IP) – and so shouldn’t be shared. Automating the removal protects the IP and doesn’t rely on users needing to remember to do it manually.
Augmenting Infrastructure to Enable Internal Email Security
While many organizations are improving their security around collaboration solutions by restricting access, internal email still remains a risk – as anybody can send anything to anyone internally. While all employees should be deemed as trustworthy, experience would indicate that this isn’t always the case.
Traditional DLP tackles information leaving an organization, but Fortra Secure Exchange Gateway enables organizations to augment their Microsoft Exchange environment with internal DLP and Adaptive Redaction. As the solution is ‘off-box’ and direction-agnostic, the impact to the Exchange server performance is minimal and all email can be monitored and action taken if required.
As with other Fortra solutions, this capability is built on the same DCI engine, enabling organizations to maintain consistent policy enforcement across their wider security environment.
Because the focus here is primarily on internal email traffic, deployments are typically centered on detection and visibility rather than aggressive blocking or content modification. This allows security teams to identify potential policy violations without unnecessarily disrupting day-to-day communication.
Predefined redaction policies are also available, for example to help prevent the accidental spread of credit card numbers or other sensitive data across the organization. However, the primary objective is broader than simple data masking. It is to enable controlled separation between business units, ensuring that sensitive or critical information is not shared inappropriately, without requiring a fully segregated email infrastructure such as a separate Exchange deployment.
Augmenting an Existing Web Security System
In the same way that most organizations have some email security, they also have some level of web security. Usually this is through a proxy which can carry out URL filtering and anti-virus scanning on downloaded files. Proxies, such as those from Blue Coat or F5, can add functionality through a standardized interface, ICAP. Fortra Secure ICAP Gateway can be used in conjunction with any proxy to add another level of security to prevent information-borne threats.
Fortra Secure ICAP Gateway can also be deployed in a reverse-proxy configuration to extend protection to corporate web environments. In this mode, it helps safeguard organizations against the upload of malware-infected documents while also controlling the information exposed through file downloads. Document metadata and embedded properties — often harvested to support phishing or social engineering attacks — can be automatically removed before files are delivered to end users.
The solution includes default policy sets that enable consistent protection across both email and web channels, helping ensure a unified security posture. In addition, organizations can define custom policies to apply more granular controls to specific websites, including social media platforms and cloud-based collaboration services, where data exposure risks are often higher.
This capability is particularly relevant given that a significant proportion of ransomware attacks are delivered via web-based channels. Common attack vectors include seemingly legitimate documents such as CVs or job offers, which may be distributed either as email attachments or, increasingly, as download links hosted on external websites. In many cases, users access these files through personal webmail accounts or unmanaged browsing sessions, further increasing the risk of exposure outside traditional corporate security controls.
Augmenting Existing Cloud Security
Many organizations have now migrated a significant portion of their applications to the cloud. While some cloud application providers include basic, built-in security controls, these are often not sufficient on their own to meet stricter compliance requirements or to defend against more advanced, targeted threats.
As a result, most organizations adopt additional layers of security to strengthen protection and reduce risk. Fortra Email Security solutions are designed to support this hybrid reality, offering flexible deployment options that can run either on-premises or in the cloud. This allows organizations to align their email security approach with existing infrastructure, operational preferences, and long-term strategic direction, without being constrained by a single deployment model.
Summary
Modern security threats continue to evolve rapidly, placing increasing pressure on CIOs to protect their organizations from both external attacks and internal data loss risks. At the same time, large-scale changes to IT infrastructure are rarely quick or straightforward, which can leave gaps in protection as new threats emerge.
Fortra addresses this challenge by enhancing existing security environments rather than requiring full replacement of established systems. This approach allows organizations to strengthen their defenses while maintaining operational continuity and protecting prior technology investments.
Fortra Email Security solutions are designed to integrate with and augment existing email and web infrastructures, helping organizations achieve a higher level of security and data protection. This enables safer collaboration across digital communication channels while supporting both current operational needs and longer-term security strategies.