As an admin, there are occasions when you’ll want to carry out a bulk removal of dangerous emails from employees’ inboxes, especially those that may contain threatening or offensive language or images.

However, there are also times where you may want to leave (safely neutralized) phishing emails within inboxes to offer people real-time teachable moments on why certain emails are flagged as dangerous. Egress Defend makes both options easy for admins.

We’ll run through how you can use Defend to detect and neutralize advanced phishing threats, then choose to bulk remove them or safely educate your people about cybersecurity.

Bulk removing emails

Some traditional email security solutions create a lot of manual work for administrators. They end up spending hours configuring rules, handling triage, and managing quarantine. On top of that, reporting dashboards that are supposed to help can end up being complex to navigate and take up bandwidth just to use effectively.

Egress Defend’s admin console avoids information overload, giving administrators simplified dashboards and the granular phishing intelligence they need to quickly highlight risky emails and remediate them through bulk removal.

Admins can go in and remediate and neutralize the most sophisticated attacks, removing them from Microsoft 365 environments (Outlook, including OWA) and mobile devices (covering email apps for both iPhone and android).

Defend gives administrators insight into people's actions, allowing you to quickly cut through the noise, identify email security risks and, where necessary, bulk remove and remediate.

Real-time teachable moments

Why not simply bulk remove every phishing email from employees’ inboxes? It’s a fair question – and one with a good answer. When you remove every phishing email from an employee’s inbox without them seeing it, you lose a valuable chance to offer real-time security awareness training that could be needed if a threat did ever find its way through.

Egress Defend uses clear, heat-based HTML banners that immediately alert people to the level of risk in a way that doesn’t disrupt their workflow. They then have the option to click for further information that explains in simple language why the email is a threat, in turn providing in-the-moment learning for employees.

A unique confidence dial provides highly-visual guidance on threat levels, while simplified email authentication information demystifies complex security issues for people. This empowers people to become cybersecurity assets – rather than being seen as risks who need constant policing.

Configuration options

Ultimately, it’s in your control which situations you want to use bulk removal in and where you want to offer real-time teachable moments to your people. We help each Egress customer to configure Defend in the way suits them best.

If you choose to leave a phishing email in someone’s inbox, Defend neutralizes any malicious links through URL rewriting. That means if a person chooses to ignore a red (high-risk) banner warning and tries to click a phishing link anyway, they’ll hit our link re-writing page where we once again highlight to them that the email shows signs of phishing. We can also stop them from going any further than our warning screen, preventing them from landing on a phishing webpage.

Or if you prefer, the decisions can be taken away from employees altogether in high-risk situations and you can configure Defend to quarantine the emails at highest risk of phishing. Either way, administrators can work with the peace of mind that phishing emails are being detected and dealt with effectively.