esackbauer I’m sure the browser protection will help in a lot of cases, but there are a few properties of the phishing protection with URL rewriting in the e-mail that are not covered by that:
- User tracking
- Early blocking of “bad” URLs
ad 1) I work at a university (not in the central IT) and in the central IT (with an unfortunate corporate mindset) there’s a SOC (security operations centre) which monitors and tracks “bad” stuff going on, like clicking on “bad” links, if they can know about this. The browser features you mentioned do not report to the SOC, but the URL-rewriting in-between has logs which can link a rewritten URL with a user upon use. This is useful if you (as SOC member) want to block an account based on clicking on the wrong URL.
ad 2) If some users notice the “bad” URL and report this, the IT department can block the link before it can do much damage. I’m sure the phishing protection of browsers will not be as quick to block URL, because of the scale and potential false positives. In a single organisation, the risk of false positives vs clicking on phishing links has a completely different priority structure.
Anyway, at the university there’s growing awareness of the risks of using American cloud based solutions and the digital sovereignty voices are gaining ground. Mailcow is definitely on our radar to promote as alternative, and such a URL rewriting tool would be another checkmark on the list of requirements. (Not to mention that proofpoint is also American and very expensive at the scale of a whole university)