Email Threat Detection Solution

The vendor is required to provide a secondary email security solution to complement our existing email security infrastructure.
- As part of ongoing efforts to improve email security posture and mitigate potential threats such as phishing, spam, impersonation, and malware, agency is looking for a solution that enhances email security beyond the primary protection layer and minimizes false positives in email security.
- Provide information on the following:
1. Improved security posture: the key defining value of an additional or replacement solution is how it provides better security over and above exchange online protection; respondents should specifically address (and demonstrate) what their solution does that exchange online protection cannot do, given agency is in a Microsoft environment.
2. High availability and redundancy: the response should demonstrate how their secondary email security solution ensures high availability, as this is critical to complement the existing email security solution.
3. Advanced security features: respondents should provide details on the advanced security features and capabilities their solution possesses, including but not limited to:
• The capability to protect agency email security against all zero-day threats, compromised QR codes, malicious embedded URLS in a file, malicious attachments, and other advance email security threats.
• The ability to block source domains; respondents should present alternatives to whitelisting and how they would be managed within the current defender for office/exchange online protection security suite.
• The ability to manage unified quarantines of spam, encrypted mail, and other queues.
• The ability to conduct automated investigation and response for new and unknown email security threats.
• The capability to support granular features like advance content filter, outbreak filters and message content, filters to allow/block emails with regular expression, spoof/impersonation email detection, domain keys identified mail (DKIM), domain based message authentication reporting and conformance (DMARC), anti-virus detection & anti-phishing detection, graymail/marketing email detection etc.
• The ability to integrate and support with client applications (e.g. Microsoft outlook) and add-ons.
4. Data loss prevention and compliance: detail how your solution helps with email archiving, eDiscovery, and compliance with relevant legislation and regulations such as the health information protection act (HIPA).
5. Ease of integration: provide insights into how easily your secondary email solution integrates with existing our current email infrastructure (Microsoft 365) and other on-premises and cloud based security tools.
6. Scalability and flexibility: demonstrate how your solution can scale and adapt to future email needs with the organizational growth of agency.
7. Performance: include location and estimate the increased latency that an extra step in the mail flow would introduce.
8. Data residency: include if the solution is resident in state, and if email data/attachments or any mail flow would be routed outside state.
9. Quarantine/automated quarantine email release: explain how your solution handles release of quarantined emails and how this works alongside with exchange online protection; users should not have to manage two (2) quarantine methods.
- Customer support and training:
• 24/7 support: access to support in case of critical issues.
• Training resources: respondents should offer onboarding and training for users, especially administrators, to ensure smooth adoption.
• Community and knowledge base: a strong support community or self-service knowledge base is helpful for troubleshooting.
• Cost efficiency: the cost structure of your solution, including how your solution provides long term value compared to alternatives. - Include your solution in a future proof of concept (PoC):
1. Demonstration of reliability:
• showcase how your solution ensures uninterrupted service as it’s critical to email security.
2. Security testing:
• Provide real-time testing of your system’s email filtering capabilities, including blocking malicious emails, handling spam, and detecting phishing attempts.
3. Seamless integration:
• Demonstrate how the secondary email system integrates with our existing infrastructure, including email clients, and other security tools we currently use.
4. Backup and archiving:
• Demonstrate how your solution handles email backups, archiving, and restores, ensuring compliance with internal and regulatory standards.
5. User experience:
• Provide a hands-on demonstration for end-users and administrators, showcasing the ease of management, reporting tools, and user interface.
6. Comparison of reporting and analytics with the underlying email security:
• Present the reporting in terms of KPI of your system to demonstrate value of reduced email security threat but not limited to the following.
1. Identify and catch malicious email security threats that are missed by underlying email security.
2. Reduction in false positive rate.
3. Threat detection accuracy based on advance security feature.
4. Threat detection accuracy based on customize email security controls.
5. Time to resolution for the submitted email sandbox analysis.
6. Demonstrate, assess gap, and provide recommendations in the underlying email security to improve the overall posture of email security.
- Mail security solution are to demonstrate its value in terms of improved security, compliance, productivity to complement the existing email security solution (Microsoft exchange online protection).
- Provide details about solutions that showcase the ability to:
• Enhance security, including spam filtering, phishing protection, and malware detection.
• Provide failover capabilities to ensure seamless communication during outages.
• Support archiving, backup of email security spam quarantine, reporting and message tracking.
• Ensure compatibility with our target email system (Microsoft exchange online protection).
• Provide use cases on how the email solution will augment the existing email solution.
• Specify how the additional system reduces false positives.
• Enhance operational efficiency by minimizing the effort required to manage email threats.
• Enhance the productivity through customizable email security controls.
- Questions/Inquires Deadline: March 5, 2025