Published: 27 Oct 2005
No, I don't want to refinance my mortgage. No, I don't need Viagra. And no, I don't want to lose weight fast. So, why do such electronic solicitations continue their onslaught on my junk inbox and even slip in with legitimate traffic occasionally? Because spammers have teamed with the hacker underground to create increasingly clever ways to circumvent our e-mail filters.
Let's face it: We can't live without e-mail for either work or play. That's why, by 2009, another 600 million inboxes are expected to join the 1.2 billion inboxes that exist worldwide today. In my case, e-mail has all but replaced the letter and phone call.
Because e-mail is indispensable, there is a huge need to secure e-mail clients. That's why we're pleased to publish our E-mail Security Guide for Managers.
The all-in-one guide synthesizes strategic e-mail security advice into a format designed for managers like you. In this special section, we'll help you understand today's most pressing e-mail security concerns, how common threats are evolving and your product options for defending your messaging systems.
Furthermore, we recognize that you, and perhaps other members of your team, might want even more tactical advice for coping with the daily security challenges that e-mail presents. That's why our sister site, SearchSecurity.com, has created a comprehensive guide to complement this month's issue. The online guide quickly gets you up to speed on e-mail security fundamentals, and then arms you with tips for engaging vendors and evaluating products, and best practices for implementing and managing technology. It highlights material from our popular E-mail Security School, and includes other short articles, webcasts and technical tips.
It's our hope that these guides will help you navigate through the biggest and most pervasive security vulnerabilities with both strategic and practical advice. Stay tuned for more all-in-one guides on other topics in the coming months.
Until then, we'll offer expanded coverage of various hot-button security topics. In this month's "On the Line," we review five IPS appliances, putting them through their paces with common attacks, popular evasion strategies and denial-of-service attempts. We also provide a reality check on Gartner's two-year-old prediction that intrusion detection would be dead by the end of 2005. Were they right? Was the death of IDS highly exaggerated? Turn to p. 36 to find out.
Speaking of exaggeration, do you know how a security practitioner can separate true network vulnerabilities from industry hype? "Aerial View" outlines the goals to consider and the tools needed to conduct a thorough vulnerability management assessment.
And even when you have the correct perimeter protections in place, your network can be still be vulnerable, as Eric Cole points out in "Mixed Signals". Layered controls, multiple network entry points and tools that trigger automated changes conspire to produce conflicts and holes in your firewall rule sets.
Finally, I'd like to announce the appointment of Marcia Savage as our new features editor. Most recently the West Coast bureau chief at SC Magazine, Marcia has more than nine years of experience covering technology, including five years as a security specialist. I had the pleasure of working with her at CRN and I am excited to be working with her again. She'll be based in Oakland, Calif.w