Thursday, February 18, 2010


Why Better E-Mail Security Is Essential For Any Organization

Organizations need to scan incoming mail for all sorts of malware keep whatever you can outside. They need to scan all outgoing mail as well, because computers can get infected by visiting malicious sites, or introducing infections by way of contaminated files from a thumb drive, CD, or DVD. 

What Could Be Wrong?
Don't risk contaminating others in the organization or damaging the orginization's brand by sending out malware-laden email. Overall email security relies in part on endpoint security. Despite what everyone agrees in best practice, not all orginizations insist on protecting their endpoints, and that's a mistake.

Beyond traditional anti-virus protection, organizations need to explicitly work to deter phishing attacks, the installation of spyware and key loggers, and work to thwart fraud. The escalation of attachs through email continues to rise unabated and you can expect this trend to perpetuate indefinitely. It's critical that organizations find ways to keep current in the email threat domain.

Policy is key to protecting the organization and its data. Email security policy can be refined over time, but begin by establishing and enforcing policy now.

Email attachements can be problematic on several fronts - they must be scanned to ensure they don't contain malware, and they must be scanned to prevent inadvertent data loss.

Many threats come in a form known as a blended threat.
In a blended threat, innocuous looking email "Email that is not obviously spam" contains a link that resolves to a malicious site. As new malicious sites arise at every moment, organizations need a tight coupling between thrir email security and their web security. Some anti-spam solutions actually check each link inside an email to determine if the sites where they point are legitimate.

Data loss tops the list of biggest concerns across all respondents, yet most organizations have yet to explicitly address data loss. Identifying sensitive data and creating policies to protect it are critical to preventing data loss.

Special Handling For Special Data:
Highly sensitive data may call for special handling. Certain data may be so sensitive that you may want to keep it out of the traditional flow of email, period. Because traditional email follows well-defined protocols and paths for delivery, it's subject to attacks designed to exploit known vulnerabilities and common email use. Availing yourself a completely separate secure channel for communication might prove the safer course of action for information considered highly sessitive - government security data, patient healthcare data, and financial transactions, for example.

Email security is vast, and it will never stop when we start talking about it. But still, Email security is a must-have. And up-to-date email security, security ready to contend with threats as they emerge, can spare the organiztion lost productivity, lost business, and the costs associated with email attacks.


About bench3 -

Haja Peer Mohamed H, Software Engineer by profession, Author, Founder and CEO of "bench3" you can connect with me on Twitter , Facebook and also onGoogle+

Subscribe to this Blog via Email :