Security Management Strategies for the CIO
Email Alerts
-
Best Messaging Security Products 2011
null
-
Information security book excerpts and reviews
Visit the Information Security Bookshelf for book reviews and free chapter downloads. Information Security Book
-
Email security test: Basics and threats
Test your knowledge of email security essentials with this fifteen-question quiz from Joel Snyder. Quiz
-
Microsoft Exchange Server Security: Spam protection and recovery
This lesson will explain how to protect your Exchange 2003 environment today from spam, malware and Web-based attacks, and what to anticipate from the new features coming in Exchange Server 2007. Messaging Security School
-
Messaging Security School
SearchSecurity.com's Messaging Security School has brought together some of the most knowledgeable experts in the messaging security field to offer you personal instruction on how to secure the information handled by your organization's knowledge wor... Security School
-
Information Security Quizzes
Test your knowledge of everything security, from network security to regulatory compliance, with our collection of quizzes. Security Quiz
-
OpenPGP and email: Email from beyond your Web of trust
Examine how OpenPGP works and how to confirm that the person you are communicating with over email is not legitimate, in this Chapter 8 excerpt from "PGP & GPG: Email for the Practical Paranoid," by Michael W. Lucas. Book Chapter
-
PING: William Pelgrin
A mock phishing exercise against 10,000 state employees conducted by the director of New York's Office of Cyber Security and Critical Infrastructure Coordination provided a measure of user awareness. Information Security maga
-
E-mail Security School Final Exam Answers
Security Quiz Answer
-
E-mail Security Essentials: Quiz Answers
Security Quiz Answer
- See More: Essential Knowledge on Email Security Guidelines, Encryption and Appliances
-
RSA Conference 2012 keynote prescribes intelligence-driven security
RSA’s Arthur Coviello urged security pros to break down silos and intelligence-driven security programs, or face a tough year. News | 28 Feb 2012
-
New Epsilon CISO to expand security team, assess security practices
Newly appointed Epsilon CISO Chris Ray said he will take a step back and get a better understanding of the business before trying to address gaps. News | 25 Jan 2012
-
NSA cryptography expert says focus on people, not technology
A prominent encryption expert at the annual cryptographer's panel at RSA Conference 2011 said poorly implemented encryption deployments are being stymied by employee errors. Article | 15 Feb 2011
-
Voltage upgrades SecureMail with email security policy enhancements
Voltage announced SecureMail v4 to make email security management easier for the user, including support for Microsoft Exchange and BlackBerry devices. Article | 15 Feb 2011
-
Microsoft Outlook 2007 update caused email authentication issues
Microsoft has pulled a non-security update to Outlook 2007 after customers complained of connection and performance issues when the automatic update was applied to company machines. Article | 21 Dec 2010
-
St. Bernard Software acquires Red Condor
Web security provider St. Bernard Software said Wednesday that it acquired managed email security supplier Red Condor. News | 04 Aug 2010
-
Industry groups partner with email security service provider
FS-ISAC and BITS aim to combat phishing by making eCert's email certification service available to their memberships. Article | 10 Jun 2010
-
Piper Jaffray fined for email retention violations
FINRA fines investment firm $700,000 for email retention failures over six-year period. Article | 24 May 2010
-
Antispam technologies remain typical, but hosted model gains footing
Most cloud-based antispam services use a mixture of the same techniques to weed out spam, but some services stand out with encryption, archiving and e-discovery features. Article | 05 May 2010
-
Email authentication methods critical in fight against phishing
Companies need to implement email authentication in order to protect customers against increasingly sneaky phishing attacks, experts say. Article | 03 Mar 2010
- See More: News on Email Security Guidelines, Encryption and Appliances
-
Using DMARC to improve DKIM and SPF email antispam effectiveness
DMARC aids the DKIM and SPF protocols that help keep spam out and let legitimate emails in. David Jacobs explains how. Tip
-
Too many encryption methods make secure communications difficult
Financial-services firms looking to use encryption for secure communications with business partners can run into many complications because of all the encryption systems and standards. In this tip, Randall Gamby explains the various components that m... Tip
-
Strategies for email archiving and meeting compliance regulations
According to a recent study, 29% of surveyed IT professionals archive their email for compliance reasons. Michael Cobb reviews compliance regulations that demand email archiving and how such products can ease some of the pain that comes with the proc... Tip
-
Enigmail: Wrapping email in a digital security blanket
In this tip, contributor Scott Sidel examines Enigmail, a Mozilla Thunderbird add-on that makes email security esay for security pros. Tip
-
Email authentication showdown: IP-based vs. signature-based
Email has long been a favorite method for malicious hackers looking to launch attacks, and one of the first steps in defending against vicious email threats lies in developing a strong email authentication strategy. In this tip, contributor Noah Schi... Tip
-
Outbound content filtering requires products and processes
Expensive and damaging corporate data breaches often happen because sensitive information silently leaks out the door with unknowing employees or malicious hackers. But as Mike Rothman explains, those cracks can be patched with an outbound content fi... Tip
-
Unified communications infrastructure threats and defense strategies
Unified communications systems promise exciting productivity gains for workers and cost savings for businesses, but many often underestimate the security threats facing them. John Burke outlines the threats facing unified communications and how to de... Tip
-
ClamAV clamps down on e-mail security
In this monthly Downloads column, contributing editor Scott Sidel examines Clam AntiVirus, an open source antivirus toolkit for Unix, specializing in email scanning on mail gateways. Tip
-
Using steganography for securing data, not concealing it
Steganography is a useful technique for securely storing sensitive data, but the difficulty in detecting its usage can create an opportunity for digital miscreants. Michael Cobb explains how to ensure the practice isn't used maliciously. Tip
-
Microsoft Outlook security workaround for administrators and developers
Serdar Yegulalp explains Outlook Redemption and how the program maneuvers around Microsoft Outlook's security limitations. Tip
- See More: Tips on Email Security Guidelines, Encryption and Appliances
-
Exchange Server administration policy: Managing privileged user access
Randall Gamby explains the important particulars involved with setting up and securely supervising an enterprise Exchange Server administration policy. Answer
-
Hop-by-hop encryption: A safe enterprise email encryption option?
Learn how hop-by-hop encryption gives enterprises the opportunity to send encrypted emails to large amounts of employees without a digital signature for each email from expert Michael Cobb. Answer
-
Learn how to utilize a free spam-filtering service for your SMB
Learn how a Web-based free spam-filtering service can secure email and prevent spam from attacking your enterprise. Answer
-
Diffie-Hellman vs. RSA: Comparing key exchange algorithms
See which encryption method uses digital signatures, symmetric key exchanges, bulk encryption and much more in this Diffie-Hellman vs. RSA showdown from expert Michael Cobb. Answer
-
Google 'Gchat' security and Internet application security best practices
Users in the enterprise may unknowingly be exposed to 'Gchat' security risks. Expert Michael Cobb discusses Internet application security best practices that can help protect enterprise users. Ask the Expert
-
How to keep messages secure with an email digital certificate
Using an email digital certificate can help protect important information from being read by anyone except the intended recipient. Ask the Expert
-
Preventing unauthorized email issues from hindering an organization
In this expert response, find out how to prevent your organization from sending out unauthorized emails. Ask the Expert
-
Is messaging in symmetric encryption better than PGP email security?
Is symmetric encryption or PGP the more reliably secure way to send email? Learn more in this expert response from Randall Gamby. Ask the Expert
-
Digital signature implementation: How to verify email addresses
When implementing digital signatures in Outlook, learn what pitfalls to avoid and how to verify the email addresses and digital signatures of the senders. Ask the Expert
-
How secure is an email with a .pdf attachment?
Sending sensitive information in an email or as an attachment is unsafe, and depending on your organization's security policies, could land you in a lot of trouble. Michael Cobb explains why. Ask the Expert
- See More: Expert Advice on Email Security Guidelines, Encryption and Appliances
-
Advanced Encryption Standard (AES)
The Advanced Encryption Standard (AES) is an encryption algorithm for securing sensitive but unclassified material by U.S. Government agencies and, as a likely consequence, may eventually become the de facto encryption standard for commercial transac... Definition
-
Twofish
Twofish is an encryption algorithm based on an earlier algorithm, Blowfish, and was a finalist for a NIST Advanced Encryption Standard (AES) algorithm to replace the DES algorithm. Definition
-
Defense Message System (DMS)
The Defense Message System (DMS) is a secure X.400-based e-mail system developed by the United States government in conjunction with industry partners to ensure safety for critical operations. Definition
-
data encryption/decryption IC
A data encryption/decryption IC is a specialized integrated circuit (IC) that can encrypt outgoing data and decrypt incoming data... Definition
-
asymmetric cryptography (public-key cryptography)
Asymmetric cryptography is cryptography in which a pair of keys is used to encrypt and decrypt a message so that it arrives securely. Initially, a network user requests a public and private key pair. A user who wants to send an encrypted message can ... Definition
-
passphrase
A passphrase is a string of characters longer than the usual password (which is typically from four to 16 characters long) that is used in creating a digital signature (an encoded signature that proves to someone that it was really you who sent a mes... Definition
-
cipher block chaining (CBC)
Cipher block chaining (CBC) is a mode of operation for a block cipher (one in which a sequence of bits are encrypted as a single unit or block with a cipher key applied to the entire block). Definition
-
cut-and-paste attack
A cut-and-paste attack is an assault on the integrity of a security system in which the attacker substitutes a section of ciphertext (encrypted text) with a different section that looks like (but is not the same as) the one removed. Definition
-
challenge-response system
A challenge-response system is a program that replies to an e-mail message from an unknown sender by subjecting the sender to a test (called a CAPTCHA) designed to differentiate humans from automated senders. Definition
-
ciphertext
Ciphertext is encrypted text. Definition
- See More: Definitions on Email Security Guidelines, Encryption and Appliances
-
Enterprise encryption strategy: The path to simple data encryption
This primer on enterprise encryption strategy covers use cases for various devices and data types, and offers strategies for simple data encryption. Video
-
Podcast: Exchange security -- A quick primer
Today's complex Exchange environments are costly and difficult to protect and secure from threats like spam, spyware, malware and viruses. This 12-minute expert podcast features a summary of the key issues pertaining to the security of Microsoft Exch... Podcast
-
Podcast: Fact or fiction -- The future of email attacks
What will the future hold regarding email attacks? In this expert podcast, Tom Bowers will confirm or debunk a number of common beliefs about what's coming next. Podcast
-
Using DMARC to improve DKIM and SPF email antispam effectiveness
DMARC aids the DKIM and SPF protocols that help keep spam out and let legitimate emails in. David Jacobs explains how. Tip
-
RSA Conference 2012 keynote prescribes intelligence-driven security
RSA’s Arthur Coviello urged security pros to break down silos and intelligence-driven security programs, or face a tough year. News
-
New Epsilon CISO to expand security team, assess security practices
Newly appointed Epsilon CISO Chris Ray said he will take a step back and get a better understanding of the business before trying to address gaps. News
-
Exchange Server administration policy: Managing privileged user access
Randall Gamby explains the important particulars involved with setting up and securely supervising an enterprise Exchange Server administration policy. Answer
-
Best Messaging Security Products 2011
null
-
Hop-by-hop encryption: A safe enterprise email encryption option?
Learn how hop-by-hop encryption gives enterprises the opportunity to send encrypted emails to large amounts of employees without a digital signature for each email from expert Michael Cobb. Answer
-
Learn how to utilize a free spam-filtering service for your SMB
Learn how a Web-based free spam-filtering service can secure email and prevent spam from attacking your enterprise. Answer
-
Enterprise encryption strategy: The path to simple data encryption
This primer on enterprise encryption strategy covers use cases for various devices and data types, and offers strategies for simple data encryption. Video
-
Information security book excerpts and reviews
Visit the Information Security Bookshelf for book reviews and free chapter downloads. Information Security Book
-
Diffie-Hellman vs. RSA: Comparing key exchange algorithms
See which encryption method uses digital signatures, symmetric key exchanges, bulk encryption and much more in this Diffie-Hellman vs. RSA showdown from expert Michael Cobb. Answer
- See More: All on Email Security Guidelines, Encryption and Appliances
About Email Security Guidelines, Encryption and Appliances
Build an email security strategy and policy and get tips on security guidelines. Learn about email encryption (SMIME and PGP), appliances, authentication, software, filtering and antispam and antivirus.