Specifications include, but are not limited to: Acquiring an advanced email security and protection suite to defend the City’s network against phishing, malware, and advanced cybersecurity threats. Interested and qualified firms are encouraged to prepare a proposal with an email security solution that provides the following functionality: 1. Email Fraud Protection 1. Accurately classify phishing, imposter, and spam emails. 2. Provide method to identify emails from City approved suppliers and vendors and dynamically add them to allowed lists. 3. Provide robust set of tools to protect business email reputation without disrupting the transmission of legitimate email. 4. Block non-malware threats, e.g., business email compromise scams. 2. Detect and Block Advanced Malware Threats 1. Detect and block malware. 2. Email analysis should check both content and reputation. 3. Detect emails containing malicious URLs or attachments. 4. Provide a sandboxing and URL re-write feature to protect users from attacks. 5. Provide internal mail defense that can recognize problem emails sent within the organization. 6. Identify highly attacked usersso they can be given extra training and setup with extra security settings to mitigate risk. 3. Email Rip and Phish Alerting 1. Provide easy to use mechanism for users to report suspicious emails to IT staff. 2. Provide ability to rip poisoned emails automatically or manually from user mailboxes postdelivery. 3. Provide granular email rip capabilities using various criteria to help with automation of tasks. 4. Provide rip transaction history and simple method to restore incorrectly ripped emails.
