This article can also be found in the Premium Editorial Download "Information Security magazine: Comparing five of the top network-based inline IPS appliances."
Download it now to read this article plus other related content.
"[These products] get a lot, but not everything," Smith says. "There's still a substantial amount of spam that gets through." Smith's greatest concern is making sure that the firm is ready with a communications report at a moment's notice should regulators arrive.
That's why R.W. Smith & Associates deployed Captaris Inc.'s Exchange Archive Link to capture and archive all of the company's inbound and outbound e-mail. According to Smith, the software makes it possible for the firm to transparently create a copy of and index each e-mail.
Q: Norton Antivirus scans all incoming e-mails on my system, and I have XP with Service Pack installed. Why am I still open to viruses?
A: You need a gateway AV scanner. Norton isn't going to catch every virus. Your updates could be out-of-date, or Norton could be behind with a virus type. You've got discretionary control over your AV scanner; you could disable it, your kids could, a worm could. You don't have control over a gateway AV scanner; it's controlled by the network manager. Two lines of defense are always better than one.
Should regulators ask Smith to produce copies of e-mails, the Captaris application gives him the ability to search, view and sort each e-mail, and deliver it to the auditors on various storage media, such as recordable DVDs. The system's archival e-mail system, including hardware, software and training, costs about $13,000.
"The ROI was quick, about three months," says Smith.
The real ROI, though, came quickly after the installation. Not only did the firm undergo its required annual third-party compliance audit, but it also got a visit from regulatory bodies.
"When [the auditors] request a drop (a period of time), they're not interested in what the software might have flagged as spam and what it didn't. They want to see everything, and there are no exceptions," says Smith. Fortunately, Smith was able to provide copies of all the communications the auditors requested within the requested timeframe. "Without Captaris, we simply wouldn't have been able to produce the report in time."
While no one expects the heat from regulations to let up any time soon, neither will the threats of viruses and worms targeting inboxes. With security researchers predicting that virus writers will increasingly devise methods to sidestep antivirus applications, and spammers getting all too creative in blasting their sludge e-mails, the original killer application will continue to be in the IT security flashpoint.
Security researchers and industry analysts predict that increasingly popular targets for virus writers will be smart phones and PDAs. Security vendor McAfee last year identified five malicious applications that target mobile phones; that number reached 50 during the first quarter of this year.
|For Your Inbox|
|Click here to arm yourself against attacks with practical advice from e-mail security experts (PDF).|
"I'd never say that we're 100 percent safe," he says. "We're always leery of what's going on, and staying on top of the next threats to come."
That's probably the proper stance for anyone with an inbox.
This was first published in October 2005