What needs improvement with Avanan?


Please share with the community what you think needs improvement with Avanan.

What are its weaknesses? What would you like to see changed in a future version?

ITCS user
11 Answer

author avatar
Top 20Real User

Being cloud first and because we are in the movie business, we use a lot of Macintoshes. So, there is absolutely no reason for us to have Active Directory whatsoever. However, if you are using Office 365, you must have Active Directory in order to reset passwords. Even though we have a single sign-on provider, we must have Azure Active Directory for Office 365, which is really stupid. As a cloud application, you would think that I don't need Active Directory, which I don't need for anything else except Office 365. We have one server inside that space to help us manage Active Directory just for Office 365. This is a very sore point, but it is what it is. There are some things that they can't remediate. The honest thing is nobody can right now because of the nature of how some of the secure email platforms work. We have worked with them on some other different vendors to integrate into. There is a particular space that is a unique challenge for everybody. We are trying to help with this as well. For example, if I need to send you information securely, whether I'm using Google, Microsoft, or a third party, I may send you an email that is encrypted but you don't really get the email. When you open up the email you have to click a link to login to a server to read the email, e.g., sometimes a doctor sends you secure messages. The information is not in an email and it's not on your computer, but you receive an email that says, "Click on this link. Login to the server online to view the message or information." Well, in doing that, the message in that email that is sent to you to go to that server is 100% legit. Everything about it is correct, even the TinyURL or whatever. There is nothing wrong with that email. Once you connect to that server and you login to view the message, it may have a payload that will get distributed onto your phone or your computer. Avanan doesn't have a way to protect against that because it's not an email issue anymore. At that point, the email was delivered and it was fine. It was you going to a server in your web browser that caused a problem. Then, the question is: Because the attack factor came in via the email, how do you build out an innovative solution that allows you to better manage the risk associated with secure emails without having to compromise the integrity or confidentiality associated with reading that particular privileged email? I think combinations of browser isolation, proxy, or some other different pieces that endpoint security operation components will address this.& There is a handoff or convergence associated with those different faculties or capabilities. Then, the next question is: Is this something that Avanan needs to address or is it something that the endpoint security needs to address?

Find out what your peers are saying about Avanan, IRONSCALES, Microsoft and others in Email Security. Updated: September 2021.
535,015 professionals have used our research since 2012.