The InformationWeek -- Blogs

Security

Topics:   Security

  • Email this page E-mail this page
  • Print this page Print this page
  • Bookmark and Share
  • icon

Messaging Behind Closed Doors


Posted by Mitch Irsfeld, Oct 27, 2005 08:04 PM

It used to be the case that internally created and internally transmitted messages (the oldest form of e-mail) were of little threat to the security posture of an organization. That was before we actually started monitoring what went on behind closed doors, so to speak.

Organizations started paying a little more attention to internal messages once compliance and legal requirements made it more important to do so. But the focus for e-mail protection has always been on incoming messages, and more recently, outbound messages. But there is still a heck of a lot of messaging going on behind the firewall, and security and compliance vendors have only recently begun to address it.

Compliance with internal policies and external regulations might be a driver but it isn't the only reason to monitor internal messages. With all the mobile devices that divide their time on and off the corporate network, it's becoming easier for malware to slip into the organization via someone's briefcase. Message attachments don't have to pass through a firewall if they ride in on portable media or get stored as a file and duplicated before a device is synched up with a server.

The good news is that you no longer have to purchase and manage separate control systems to monitor inbound/outbound and internal message traffic. For Exchange servers, Nemx just brought out a new version of its SecurExchange product that monitors what Nemx president John Young calls the four critical levels of security: Inbound threats; outbound policy violations, internal monitoring for enforcing compliance and acceptable use policies; and after-the-fact scanning to locate violations in existing message stores.

That's a step in the right direction. Expect more and more vendors to do something similar. But those with appliance-based systems that sit at the perimeter will have to work up a new way to include internal protection.

« Supreme Impact On IT | Main | Microsoft Does What The Others Didn't »



Sign Up Now
For InformationWeek News Alerts




This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.

Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.

Important Note: This comment area is NOT intended for commercial messages or solicitations of business.


 
 

  1. Detecting Scalability Problems With Intel Parallel Universe Portal
  2. Just Say No To SFAQL Parallelism
  3. QuickThread: A New C++ Multicore Library
Join The InformationWeek Group On LinkedIn


                           


  1. AT&T, T-Mobile, Verizon All Offering Black Friday Sales
  2. Verizon Snags Samsung's Omnia II With WinMo 6.5
  3. AT&T's iPhone Stranglehold Ending June 2010?
  4. Apple Says Users To Blame For iPhone Virus

  1. Roll Your Own Ubuntu Private Cloud
  2. Stay On Top of Source Code Security Flaws
  3. Down To Business: How Indian CIOs Stack Up
  4. CIO Profiles: John P. Burke, CIO Of Ambit Energy
  5. How Cloud Computing Changes IT Organizations
  6. Practical Analysis: Smartphones -- Passion To Profit And Productivity

 
  Ars Technica
Boing Boing
Channel 9 Forums
CRN Blogs
Dr.Dobb's Portal: Blogs
Engadget
Gizmodo
GrokLaw 		  Lifehacker
Schneier on Security
Slashdot
TechCrunch
Techdirt
Techmeme
Valleywag
  DECEMBER 2008
NOVEMBER 2008
OCTOBER 2008
SEPTEMBER 2008
AUGUST 2008
JULY 2008
JUNE 2008
MAY 2008 		  APRIL 2008
MARCH 2008
FEBRUARY 2008
JANUARY 2008
DECEMBER 2007
NOVEMBER 2007
OCTOBER 2007
SEPTEMBER 2007