Messaging Behind Closed Doors - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Healthcare // Analytics
Commentary
10/27/2005
08:04 PM
Mitch Irsfeld
Mitch Irsfeld
Commentary
50%
50%

Messaging Behind Closed Doors

It used to be the case that internally created and internally transmitted messages (the oldest form of e-mail) were of little threat to the security posture of an organization. That was before we actually started monitoring what went on behind closed doors, so to speak. Organizations started paying a little more attention to internal messages once compliance and legal requirements made it more important to do so. But the focus for e-mail protection has always been on incoming messages, and more

It used to be the case that internally created and internally transmitted messages (the oldest form of e-mail) were of little threat to the security posture of an organization. That was before we actually started monitoring what went on behind closed doors, so to speak.

Organizations started paying a little more attention to internal messages once compliance and legal requirements made it more important to do so. But the focus for e-mail protection has always been on incoming messages, and more recently, outbound messages. But there is still a heck of a lot of messaging going on behind the firewall, and security and compliance vendors have only recently begun to address it.Compliance with internal policies and external regulations might be a driver but it isn't the only reason to monitor internal messages. With all the mobile devices that divide their time on and off the corporate network, it's becoming easier for malware to slip into the organization via someone's briefcase. Message attachments don't have to pass through a firewall if they ride in on portable media or get stored as a file and duplicated before a device is synched up with a server.

The good news is that you no longer have to purchase and manage separate control systems to monitor inbound/outbound and internal message traffic. For Exchange servers, Nemx just brought out a new version of its SecurExchange product that monitors what Nemx president John Young calls the four critical levels of security: Inbound threats; outbound policy violations, internal monitoring for enforcing compliance and acceptable use policies; and after-the-fact scanning to locate violations in existing message stores.

That's a step in the right direction. Expect more and more vendors to do something similar. But those with appliance-based systems that sit at the perimeter will have to work up a new way to include internal protection.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
News
COVID-19: Using Data to Map Infections, Hospital Beds, and More
Jessica Davis, Senior Editor, Enterprise Apps,  3/25/2020
Commentary
Enterprise Guide to Robotic Process Automation
Cathleen Gagne, Managing Editor, InformationWeek,  3/23/2020
Slideshows
How Startup Innovation Can Help Enterprises Face COVID-19
Joao-Pierre S. Ruth, Senior Writer,  3/24/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
IT Careers: Tech Drives Constant Change
Advances in information technology and management concepts mean that IT professionals must update their skill sets, even their career goals on an almost yearly basis. In this IT Trend Report, experts share advice on how IT pros can keep up with this every-changing job market. Read it today!
Slideshows
Flash Poll