IronPort To Buy E-Mail Encryption Company

E-mail has become a security minefield thanks to the proliferation of spam-borne malware and the increased use of e-mail to exchange sensitive information. In the last week of October alone, two variants of the Stration e-mail worm--also called Warezov--made security research firm Sophos' monthly top 10 malware list.

Recognizing the need for better control of information coming and going via e-mail, IronPort Systems, a provider of network and e-mail security products, recently said it plans to buy PostX in a move to add message encryption and recall to IronPort's existing product portfolio. IronPort, which has 450 employees in 25 countries and counts Aetna and Liberty Mutual as customers, didn't disclose how much it plans to pay for PostX, which has 60 employees and a customer list that includes Aetna and Visa.

Such security increasingly is becoming a mandate for businesses that use e-mail to send and receive client data. Under the Payment Card Industry standard, any company that handles credit card account and transaction information, including banks and the retailers that accept cards as payment, must encrypt cardholder data sent via e-mail or run the risk of Visa and MasterCard refusing to do business with them. Health care companies face additional requirements since the Health Insurance Portability and Accountability Act requires encryption for any patient health care information sent via e-mail.

For other companies, product pricing and sales strategies are shared via e-mail. "We have privileged information that goes out to sales agents or resellers, and we do want to use e-mail as the tool to communicate that information," says Brandon Meyers, manager of networking and communications for electrical manufacturer Cooper Industries.

Increasingly, companies want e-mailed data to be secure as it enters and leaves their organizations. Using IronPort's Web-based Email Security Manager in conjunction with PostX, which encrypts e-mails using the equivalent of a digital envelope, e-mail recipients can access messages only after authenticating themselves to a Web interface. Because e-mails are available only through the Web interface, senders have the ability to recall messages sent erroneously by blocking access to those messages.

IronPort also is partnering with Vontu to combine IronPort's anti-spam and antivirus software and appliance technology with Vontu's software for identifying sensitive data in a company's network and checking network traffic for outbound e-mails and files containing that data.