|
|
Avoiding Blacklisting: Making Sure Your Email Gets Through
We all know that email is probably today's most popular way to advertise. Every day our inboxes are filled with messages from people who want our business--whether we asked for the contact or not. Email is today's biggest communication factor;...
bBlog.com- PHP Blogging Software
bBlog is a powerful, elegant blogging software written in PHP
and released as free, Open Source software under the GPL. It is
very flexible but simple way to blog that works for beginners,
and can grow into a more advanced users needs. It is used...
How Sarbanes-Oxley Affects Corporate Email Systems
The Sarbanes-Oxley Act of 2002 and associated rules adopted by the Securities and Exchange Commission (SEC) require certain businesses to report on the effectiveness of their internal controls over financial reporting. Effective internal controls...
How to Frustrate Password Crackers: 8 Tips
Some time ago, I was one of the most prolific contributors to one of the most popular newsgroups on Usenet. The newsgroup's purpose was to provide fraudulently-obtained, but valid, passwords for websites. The process there is fairly...
Shaner Company chooses gomembers’ membertrak™ solution
[Herndon, VA] --- gomembers, Inc. (http://www.gomembers.com) is pleased to announce that the Shaner Company (SC: http://www.shaneco.com), has chosen gomembers’ membertrak solution to manage its membership and meetings functions. “membertrak was...
|
|
|
|
|
|
|
|
Maximizing E-mail Security ROI - Part IV – The Digital Monsters under Your Bed: E-Mail Intruders
This is the last of a five-part series on Maximizing Email Security ROI.
Remember your kid fears? As soon as the lights went out, the monsters under your bed began plotting ways to get you. Somehow, though, you always managed to outsmart them and make it through the night. Then one night you grew up, and the monsters went away for good.
Well, they're back. And they've unionized.
International rings of hackers, many backed by funds from organized crime groups, are the new monsters hiding under your bed-only now they'll attack in broad daylight. They've realized that there's money to be made by breaking into your network-lots of money-and they want their "fair share." They have advanced degrees, financial motivation and plenty of time to figure out ways around software-based e-mail intrusion "solutions" (yes, even the really, really expensive one you just installed-sorry).
Once hackers have discovered a way into your network, all bets are off. They have access to any information residing on your servers, including your customer database, employee personnel files, bank account numbers and proprietary product information. They can run denial-of-service attacks to take down mail servers and disrupt your work environment. They can hijack your servers and use them as "spam cannons," sending millions of fraudulent e-mails purporting to be from your company. In short, they can do whatever they want.
This week's newsletter will identify the specific dangers posed by network intrusions and explain how keeping these new monsters from stealing the digital lifeblood of your enterprise can ensure that your investment in network security is handsomely rewarded.
Determining E-mail Security ROI
When attempting to extract meaningful hard-cost data to evaluate e-mail security ROI, damages can be broken into two categories: Ongoing or Catastrophic. Ongoing costs tend to occur continually and increase in scale. For instance, a 10% increase in spam volume will result in 10% higher costs. Catastrophic costs, on the other hand, are "one-and-done" losses that are intermittent but categorically high when they occur. An example of a catastrophic cost would be a single security breach that allowed theft of proprietary intellectual property, causing millions of dollars in losses. In general, failure to prevent e-mail intrusions will result in expenditures that qualify as catastrophic. Liability
Last week's IronMail Insider discussed the costs associated with allowing inappropriate material to cross the enterprise gateway or pass between workstations. The lawsuits resulting from companies failing to enforce e-mail policy and being held responsible for the messages crossing their networks all resulted in catastrophic costs to the enterprise.
As with policy enforcement (and encryption, the topic of next week's newsletter), intrusion prevention is paramount to a company's efforts to comply with legislation regarding customer, financial and patient information security. Federal legislation such as HIPAA, Sarbanes-Oxley and GLBA provides for steep financial penalties for corporations which fail to take the necessary steps to ensure information security (up to $250,000 per incident). In addition, potential arrests and criminal charges for company officers, and costly lawsuits from customers and patients should provide all the incentive necessary for companies to do anything possible to protect classified information.
A terrifying example of the liability
faced by an organization which fails to prevent intrusions happened very recently. On August 1, 2004, a database intrusion occurred through one unsecured computer at the University of California - Berkeley. The intrusion wasn't discovered until August 30, meaning the hackers had a full month of unfettered access to the personal information of as many as 1.4 million disabled and elderly Californians, opening the door to a potentially devastating class action suit by those affected. This incident serves as a disturbing reminder that a single workstation can sacrifice the identities of millions.
Reputation
Loss of trust from partners and customers due to a company's failure to prevent hackers from accessing their network can be just as destructive as any lawsuit. Failure to prevent intrusions into an e-mail system will leave administrators with few, if any, options after the damage is done. Business partners will be understandably reluctant to share any of their proprietary information, and customers will likely look to your competitors to ensure that their private data is safe.
Not surprisingly, most companies will go to great lengths to hide the fact that their systems have been compromised. Over 50% of respondents to the 2004 Computer Crime and Security Survey by the FBI and Computer Security Institute indicated that they did not report system intrusions to law enforcement or legal council because of fear of negative publicity. Of course, if they'd had effective intrusion prevention in the first place, there wouldn't be anything to report. Asset/IP protection
The only way to ensure that all information residing on, or accessible through, e-mail servers is protected is to make it completely invisible to hackers and other would-be intruders. While some software-based approaches do serviceable jobs of detecting intrusion attempts and thwarting them when they happen, the mere fact that the hacker knows where the network is provides motivation enough to keep trying to find a way in.
When your company's intellectual property is stolen or otherwise compromised, the catastrophic costs can be staggering. According to the 2004 Computer Crime and Security Survey, a total of 269 respondents from U.S. corporations, government agencies, financial institutions, medical institutions and universities reported intellectual property losses totaling $11,460,000 in damages from theft of proprietary information. An unfortunate side note to this statistic: 98% of the survey respondents had firewall protection in place, a revealing testament to the ineffectiveness of stand-alone security components.
Get Rid of the Modern-Day Monsters
A comprehensive e-mail security approach including elements of anti-spam, anti-virus, policy enforcement, intrusion prevention and encryption is the most effective defense against all external and internal threats. For more information on how to protect your enterprise network from all manner of e-mail threats, download CipherTrust's FREE whitepaper, “"Securing the E-Mail Boundary: An Overview of IronMail".
The final installment of the Maximizing E-Mail Security ROI series will discuss the issues surrounding encryption of confidential information contained in e-mail messages.
About the Author
CipherTrust is the leader in anti-spam and email security. Learn more by downloading our free whitepaper, "Securing the E-Mail Boundary: An Overview of IronMail"
|
|
|
|
|
Tucows Downloads - Download Freeware and Shareware Software |
Download freeware, shareware, and demos. Maintains over 45000 software titles that are tested, rated, reviewed and ready to download. |
www.tucows.com |
  |
Free Software Downloads and Software Reviews - Download.com |
Download shareware, freeware and Demo software for PC, Mac, Linux, and Handhelds categorized into categories, plus software reviews. |
www.download.com |
  |
Computer software - Wikipedia, the free encyclopedia |
This includes application software such as a word processor, which enables a ... Application software is often purchased separately from computer hardware. ... |
en.wikipedia.org |
  |
Shareware.com - Search for shareware programs and free software ... |
Search for shareware programs from more than a dozen downloadable software directories. |
www.shareware.com |
  |
Jumbo: Free & Shareware MP3 files, Games, Screen Savers & Computer ... |
Source of free and shareware computer programs and utilities for PC and Mac. Evaluate software and read product reviews. Download games and screen savers. |
www.jumbo.com |
  |
Computer Software in the Yahoo! Directory |
Browse categories featuring sites devoted to computer software, including shareware and freeware download sites, operating systems, desktop customization, ... |
dir.yahoo.com |
  |
IEEE Software |
IEEE Computer Society's magazine covering all aspects of software, including software engineering. |
www.computer.org |
  |
Free Downloads on ZDNet | Shareware, Trialware, Evaluation Software |
ZDNet's Software Directory is the Web's largest library of software downloads. Covering software for Windows, Mac, and Mobile systems, ZDNet's Software ... |
downloads.zdnet.com |
  |
FSF - The Free Software Foundation |
Free software is a matter of liberty not price. Think of "free" as in "free speech". |
www.fsf.org |
  |
Apple - Software |
Software products for your digital life. ... The perfect addition for professional review. QuickTime Broadcaster. Encoding software for live events. ... |
www.apple.com |
  |
Open Directory - Computers: Software |
In Partnership with AOL Search. about dmoz | report abuse/spam | help. the entire directory, only in Computers/Software. Top: Computers: Software (38471) ... |
dmoz.org |
  |
freshmeat.net: Welcome to freshmeat.net |
About: The Web browser is probably the most frequently used software today, ... Web professionals can use the software for functional testing and regression ... |
freshmeat.net |
  |
Software - GNU Project - Free Software Foundation (FSF) |
Listing of the GNU software packages. |
www.gnu.org |
  |
Sun Software |
Get enterprise-class software--Solaris 10 OS, the Java Enterprise System, ... Sun Java StorageTek Software reduces cost and complexity with a single, ... |
www.sun.com |
  |
Internet Real Estate.com -- owns and operates a portfolio of the ... |
SOFTWARE.COM · SWEEPSTAKES.COM · PHONE.COM PODCAST.COM ... Software.com | Sweepstakes.com | Phone.com | Podcast.com | Shop.com | Safety.com ... |
www.internetrealestate.com |
  |
Joel on Software |
A weblog by Joel Spolsky, a programmer working in New York City, about software and software companies. |
www.joelonsoftware.com |
  |
Amazon.com Software: Computer & video games, business, accounting ... |
Online shopping for computer & video games, business & office productivity software, software from Microsoft, Apple, Adobe & more; accounting, antivirus, ... |
www.amazon.com |
  |
IBM Software - Home Page |
IBM home page for all of its software products, including Lotus and Tivoli, with keyword search, category browse and AZ product names. |
www.ibm.com |
  |
Opera web browser: Homepage |
Copyright © 2006 Opera Software ASA. All rights reserved. Skip navigation. Opera Software ... Copyright Opera Software ASA . All rights reserved. ... |
www.opera.com |
  |
Google Directory - Computers > Software |
Search only in Software Search the Web ... Software Categorized by Letter: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ... |
www.google.com |
  |
|