
	Home > Ask the Security Experts > Application Security Questions & Answers > How to prevent poor e-mail practices

Ask The Security Expert: Questions & Answers

EMAIL THIS

How to prevent poor e-mail practices

EXPERT RESPONSE FROM: Michael Cobb, featured expert

		Pose a Question

		Other Security Categories

		Meet all Security Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 14 December 2005
How can I "prove" that sending confidential information to customers across the Internet without encryption is a poor business practice?

BROWSE BY TAG

Application Security, Information Security Policies, Procedures and Guidelines, Information Security Management, Application and Platform Security, Email Protection, Email Security Guidelines, Encryption and Appliances, VIEW ALL TAGS

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Application Security
	Are Web application penetration tests still important?
	What does 'invoked by uid 78' mean?
	How secure are iPhone App Store mobile applications?
	What security software should be installed on Internet café computers?
	Are message stubs a secure part of email retention policies?
	How does a Web server model differ from an application server model?
	Can Google Earth and other mash-up applications threaten enterprise security?
	Do European laws prevent a U.S. company from blocking spam?
	Can one antivirus program be used to get rid of spyware?
	How to prevent cross-site scripting (XSS) session hijacking

Information Security Policies, Procedures and Guidelines

Twitter risks, Facebook threats trouble security pros

Cybersecurity czar candidate questions clout of new position

Incident response planning

The basics of enterprise GRC project management

RSA council addresses growing security risks in the cloud

How to write a risk methodology that blends business, security needs

Risk management must include physical-logical security convergence

DHS fills National Cybersecurity Center post

New partnerships, creative thinking help security bust recession

Experts optimistic of Obama cybersecurity plan

Email Security Guidelines, Encryption and Appliances

What does 'invoked by uid 78' mean?

How to configure firewall ports for webmail system implementation

Fierce competition prompted new Cisco email security options

Cisco brings email security appliances closer to SaaS

Cisco offers more email security choices, but lacks vision

Information security book excerpts and reviews

Are message stubs a secure part of email retention policies?

Strategies for email archiving and meeting compliance regulations

Product Review: Astaro Mail Gateway 4000

What are the security risks of opening port 110 and port 25?

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

defense in depth (SearchSecurity.com)

non-disclosure agreement (SearchSecurity.com)

security policy (SearchSecurity.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

The Internet is a high-risk environment and according to the FBI's International Computer Crime Squad, one of the most common cyber crimes committed against businesses over the Internet is theft of trade secrets. While many businesses shred their sensitive paper documents to combat dumpster diving, very few encrypt their sensitive digital documents and e-mails to combat cyber espionage.

Sending an e-mail is the equivalent of sending a postcard – anyone can read it. Once an e-mail leaves a computer, it travels over multiple online services and open networks to reach its destination. It can be intercepted and read anywhere during its journey. It can also be read from the numerous backup devices and will be stored by various routing services. For example, co-workers can easily intercept an e-mail sent from an office computer as it travels through the corporate network. In addition, external e-mails travel to and from a computer via an Internet Service Provider (ISP), making ISPs one of the easiest places to intercept traffic. Broadband users share the local loop, which means neighborhood Internet traffic shares the same physical wires. With certain bits of hardware and some know-how, a hacker can easily intercept an e-mail on its way across the local loop. Finally, wireless network traffic is susceptible to interception at the base station for the antenna.

These examples are by no means the only places e-mail can be compromised, and with thousands of hackers on the Internet and so many vulnerable points, never assume an e-mail is private, unless it is encrypted.

Your clients not only need to encrypt their e-mail, but all their sensitive files and data too. They should also be enforcing a security policy aimed at securing their computers against spyware and malicious code to prevent computer-hacking and illegal eavesdropping by hackers and their competitors.

More Information

Attend Lesson 3 of E-mail Security School to learn about e-mail policy control.

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Find Security Solutions for Your Business
Targeted Security Channel Tips for Resellers, Integrators and Consultants

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy