Well, sounds like there’s a consensus for GSuite out-of-box being sufficient, so I’ll start out with that and evaluate something additional down the road.
Duncan, I’ll keep Cyren in mind if I determine that additional protection is warranted.
Thanks to all!
As you go through configuring the domain, one area you want to take a particular good look at from an anti-phishing/mail security perspective is Apps>Gmail>Safety; under that section you will find controls for what to do with encrypted attachments/attachments with scripts from unknown senders, whether you want to perform link scanning, resolve shortened URLs, how you want to handle spoofed mail, unauthenticated mail etc.
A little tip on the unauthenticated mail from personal experience – we found a scarily large amount of often very large (global brands with revenues in the billions) companies we deal with don’t authenticate their mail in any way; so whilst we were initially handling these as spam, we’ve had to relax the policy to “show warning” as people were simply missing emails from these senders constantly
In our case, these senders aren’t tech-focused companies, but really for anybody (never mind companies of their size!) to not be using any from of verification (SPF, DKIM) these days is poor.
Once you enable these controls, if you choose the warning option, the recipients will see a banner like the below on emails that don’t meet the control (example below is an unverified sender – no SPF/DKIM)
With regards to Cyren – it’s something we started to look at, but we couldn’t justify the cost of the solution when you look at what we were already getting from GSuite (which has improved even further still since we looked) – I don’t know if it’s still the case, but Google used to take a feed from Cyren for threat identification anyway (granted it wasn’t the *full* Cyren solution, but leveraging some of the threat data available)
Interestingly, it looks like Gmail may be moving into encrypted mail in the near future as well, I wonder how this will compare to the likes of Virtru, who currently offer a pretty neat solution (I don’t know if this is who Brian, above, is referring to…)