Securing the Internet Email Transport Mechanism

To secure corporate information assets, IT often approaches the problem with the use of more firewalls, secure messaging, strong passwords, or tighter VPN controls. These mechanisms, while good for securing from external attacks, have limited effect for internal users that have access to data and can use Internet email as the transport mechanism.

Email in the workforce has become more than a tool to distribute thoughts, ideas, and corporate plans; it has become a social medium for silently communicating with the world beyond corporate walls - real and virtual. More importantly, it is now a common method to steal, distribute and leak corporate information and secrets. It is far too easy for an employee to access secure corporate information, cut-and-paste the information into an email, and then send the email to an external email account. Even non-fraudulent activities, with best intentions, such as mailing a spreadsheet to a home email address to work from home can open a Pandora's box for leaking sensitive information.

Securing outbound corporate emails to eliminate information theft requires a well thought out plan. For the ultra-sensitive, a variety of questions immediately rush to the surface that would almost dictate companies adopt extreme measures:

• Do we take away all email usage?
• Do we block all external outgoing and incoming emails?
• Do we force all employees to sign stringent email usage policies?

Email is just too vital to the life of an organization that imposing these types of limitations would almost certainly cripple employee productivity. But outbound and inbound email traffic must always be considered to have malicious intent or possess the potential to transmit vital corporate information into enemy hands. Without suspecting and inspecting every email, corporations are leaking information daily and they don't even know it.

Deploying an email solution that enables organizations to enforce rules and policies to detect and catch fraudulent activity is needed to help promote safe and proper use of corporate email. Essential features of an email solution to detect fraudulent activities might include:

• Search all or specific Exchange servers
• Search all email users; or just specific groups or users
• Search for key words, phrases, addresses, etc. within the email body, attachments, distribution lists, subject line, sender address, and internet headers
• Search all inbound and outbound messages including the ability to filter searches on just the inbox, outbox, sent, deleted, and draft folders
• Search on size of message
• Have a robust scheduling mechanism for searches
• Allow real-time detection of misuse

Estorian LookingGlass is one such product that is specifically evolving its archiving, security and searching features to give companies more flexibility in administering their email without compromising corporate security. As a non-intrusive solution, LookingGlass maintains a separate repository for all corporate email--allowing email to be searched, scanned, and categorized without impacting the performance of the Exchange servers. A complete archive, with intelligent single-instance store technology to store a single copy of an email or attachment, helps ensure companies maintain long term compliancy and control of storage.

A price can not be put on corporate information. Exposing sensitive information such as technical specifications, application and project plans, marketing strategies, trade secrets, customer lists, and pricing data greatly reduces an organizations ability to maintain a competitive advantage but handcuffing employees doesn't help anything either. It is this gap that Estorian LookingGlass looks to fill by helping track all email activity within an enterprise, detecting misuse of email in regards to business policies, and then proactively informing security personnel to take appropriate actions without imposing undue restrictions on corporate personnel