Topics: Compliance

Messaging Behind Closed Doors

Posted by Mitch Irsfeld, Oct 27, 2005 08:04 PM

It used to be the case that internally created and internally transmitted messages (the oldest form of e-mail) were of little threat to the security posture of an organization. That was before we actually started monitoring what went on behind closed doors, so to speak.

Organizations started paying a little more attention to internal messages once compliance and legal requirements made it more important to do so. But the focus for e-mail protection has always been on incoming messages, and more recently, outbound messages. But there is still a heck of a lot of messaging going on behind the firewall, and security and compliance vendors have only recently begun to address it.

Compliance with internal policies and external regulations might be a driver but it isn't the only reason to monitor internal messages. With all the mobile devices that divide their time on and off the corporate network, it's becoming easier for malware to slip into the organization via someone's briefcase. Message attachments don't have to pass through a firewall if they ride in on portable media or get stored as a file and duplicated before a device is synched up with a server.

The good news is that you no longer have to purchase and manage separate control systems to monitor inbound/outbound and internal message traffic. For Exchange servers, Nemx just brought out a new version of its SecurExchange product that monitors what Nemx president John Young calls the four critical levels of security: Inbound threats; outbound policy violations, internal monitoring for enforcing compliance and acceptable use policies; and after-the-fact scanning to locate violations in existing message stores.

That's a step in the right direction. Expect more and more vendors to do something similar. But those with appliance-based systems that sit at the perimeter will have to work up a new way to include internal protection.

« Supreme Impact On IT | Main | Microsoft Does What The Others Didn't »

This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.

Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.

Important Note: This comment area is NOT intended for commercial messages or solicitations of business.

Blog Categories
Healthcare Cloud Computing Enterprise 2.0 Digital Life Grok On Google Over The Air Outsourcing Global CIO Startup City Information Management Content Management Green Computing Full Nelson Unified Communications	Government IT Analytics Tech Stocks Interop Security Microsoft Apple Unvarnished Open Source Wolfe's Den David Berlind's Tech Radar Virtualization Storage Backup and Business Continuity Blog Homepage

Multicore Programming Blog

Join The InformationWeek Group On LinkedIn

InformationWeek

Business Innovation Powered By Technology

Messaging Behind Closed Doors