When it comes to e-mail security, it's still 'sit, hope and pray'

By Shawna McAlearney, News Editor 02 Jun 2005 | SearchSecurity.com

Digg This!     StumbleUpon     Del.icio.us

Phishing. Spyware. Spam. Viruses. Compliance. Technologies to combat these e-mail security problems are proliferating, but the application all of them protect remains the bane of many security managers' daily lives.

"We have multiple AV vendors and still we sit, hope and pray," said Jared Martin,

More on e-mail security Top five risks of Web-based e-mail Learn five specific Web-based e-mail risks and a design strategy for coping with them Seven steps to safeguard enterprise e-mail Learn about the potential risks, standards and mitigating technologies for each layer of e-mail security. Beware of DNS blacklisting perils The pros and cons of using DNS blacklists for spam mitigation.

executive vice president for Internet service provider BigCity Networks Inc. in Houston. "It's the uneducated end user that causes enterprise-wide outbreaks. One user doesn't realize he can take down an entire enterprise just by clicking."

User awareness is the single biggest problem that needs to be addressed -- and there is no product that can protect an enterprise.

"People put too much trust in things that come into their inbox," Martin continued. "An online training course -- even just a PowerPoint presentation -- could be used to show users some of the common sense things they need to look for and drive home that they are the last line of defense."

Beyond user education, organizations should consider whether they want point solutions to tackle each issue or if they prefer to manage a product that handles more than one task.

"Over the last four years or so admins have deployed separate antivirus and antispam endpoint solutions, making it difficult to manage and patch," said Teney Takahashi, market analyst for The Radicati Group Inc. in Palo Alto, Calif. "Users are moving toward simple management and away from point solutions. Cost is a huge aspect of point solutions -- ongoing maintenance and other costs really build up over time."

Spam
Martin stands by products from Tumbleweed, such as Email Firewall, MailGate, MailGate Edge and MailGate Secure Messenger, which he uses together to protect clients at his ISP.

"Filters won't be 100% effective -- ever," Martin said. "No one can keep up with the spammers in terms of filtering, but Tumbleweed writes filters quicker than most."

With Email Firewall, organizations can stop spam, viruses and phishing attacks at the gateway. It also prevents intellectual property leaks through customer-defined content filtering parameters and defines policies based on any characteristic of e-mail, ensuring compliance with industry and government regulations.

But, Richard Applebaum, an e-mail administrator for The State of California, Department of Transportation [Caltrans], swears by the Barracuda Spam Firewall 600 for his 20,000 clients.

"We plugged the Barracuda 600 in and turned it on and immediately saw a 40% drop in spam without configuring it," said Applebaum. "And Barracuda gets rid of 80% to 85% of viruses as well."

"The Barracuda spam solution is the best on the market for the money," he said. "Four Barracuda 600s with support and updates for a year were under $50,000 while competing products were around a quarter of a million." And it fits both small and large organizations without requiring a dedicated spam administrator, he added.

Check out our E-mail Security School Series Attend this FREE seminar and gain proven infrastructure hardening techniques combined with practical strategies focused on the most urgent e-mail security threats (phishing, spyware, denial of service attacks and more).

Phishing
Phishing, an online fraud aimed at gullible users, damages consumer confidence in conducting business over the Internet. It can weaken a company's credibility and diminish the value of its brand. Another big issue for enterprises: e-mails making their way into corporate networks that ultimately glean passwords and account information, employees' personal information and confidential corporate data.

Martin believes it all comes back to user education. "Phishing is becoming an epidemic," Martin said. "E-mail is insecure -- it comes cleartext across the Internet. What type of user thinks their bank would communicate that way?"

Even so, such scams are becoming increasingly clever; recently, stolen financial data began to show up in phishing scams to make the attacks likelier to get a response. When a person sees the correct information in the e-mail, he or she is more apt to trust it's origin, which is a mistake.

"Spam has evolved from just being an advertising tool and is now more malicious," said Takahashi. "They're getting more organized and sophisticated to trick end users."

Spyware
More than 84% of almost 2,000 frequent Internet users surveyed recently by the Ponemon Institute stated that their computer is, or has been, infected with spyware at some point in the recent past, often resulting in productivity losses. Spyware is often downloaded to a user's computer when he clicks a link, either on a Web site or in an e-mail.

"Spyware, like keystroke loggers, is the next key threat for corporations," Takahashi said.

Viruses
The biggest problem with antivirus products is getting timely signature updates, but there are ways around that -- both Martin and Applebaum stress that doubling up on AV protection is crucial these days. "AV is only as good as the updates," Martin said. He uses a McAfee e-mail firewall and Kaspersky's antivirus engine for Tumbleweed's MailGate and was glad he did. "We check for updates every 30 minutes so we get updates as quickly as possible without putting too much of a load on the server," Martin said. "Kaspersky caught a Sober variant that McAfee didn't catch for four more hours."

Regulatory compliance
Regulatory compliance brings its own set of issues to e-mail security.

"In terms of SOX, you can't leave yourself open to data breaches -- and there are no SOX or HIPAA package solutions," Takahashi said. "Content filtering is also a must to prevent intellectual property from being transmitted outside the company."

Sybari Software Inc. [owned by Microsoft], Clearswift Limited, StillSecure and Borderware Technologies Inc. are just a few more providers of e-mail security products that can mitigate these issues.

This story originally appeared on SearchSecurity.com.

Tags: Malware, Viruses, Trojans and Spyware,  Email and Messaging Threats (spam, phishing, instant messaging),  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Malware, Viruses, Trojans and Spyware How to defend against rogue DHCP server malware New Trojan stealing FTP credentials, attacking FTP websites Cybercriminals exploit Michael Jackson, Farrah Fawcett deaths When BIOS updates become malware attacks Antispyware buying guide for Indian enterprises PCI compliance requirement 5: Antivirus Hacker attack techniques and tactics: Understanding hacking strategies Rootkit Hunter demo: Detect and remove Linux rootkits Botnet threats and countermeasures Conficker worm much smaller than feared Email and Messaging Threats (spam, phishing, instant messaging) Unified communications: Securing a converged infrastructure Chained Exploits: How to prevent phishing attacks from corporate spies 3FN.net ISP shutdown interrupts spam campaigns Swine flu outbreak results in spam pandemic What does 'invoked by uid 78' mean? Economy fuels malware, spam Internet Explorer 8 includes a bevy of security features Adobe JBIG2 exploits being spammed, IBM warns Fierce competition prompted new Cisco email security options Cisco brings email security appliances closer to SaaS Email and Messaging Threats (spam, phishing, instant messaging) Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bot worm  (SearchSecurity.com) directory traversal  (SearchSecurity.com) government Trojan  (SearchSecurity.com) Kraken  (SearchSecurity.com) man in the browser  (SearchSecurity.com) polymorphic malware  (SearchSecurity.com) RavMonE virus  (SearchSecurity.com) RFID virus  (SearchSecurity.com) Rock Phish  (SearchSecurity.com) Zotob  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary