Messaging News - August 2008 - (Page 24) SOCIAL NETWORKING monitoring, applying consolidated polices, and providing enforceable remediation are the areas that organizations struggle or ignore.” Graydon goes on to note that the evolution of communications has become multifaceted, with email, Web, IM, blogs, VoIP and so on, such that each are interchangeable from an end-user’s perspective, and even from a client’s. “Unfortunately, we haven’t seen the security implementations and solutions keep pace as a whole. Typically, each application has its own security solution, not sharing or correlating threats or data leaks. Protection solutions are primarily signature-based, while users are reading and sharing content dynamically, which is a vulnerability gap. Most commonly, none of the solutions subscribe to any management or policy standards making it impossible to monitor, manage and remediate across the content, which is now the natural view as users utilize Web 2.0 along with the multiple entry points.” Filippi points out that with every new communication media, the threat of data loss increases. “However,” he contends, “email is still the most critical messaging medium to secure.” Especially true, because today’s email threats have evolved to take full advantage of the Web. The Sophos report reveals that email is being used in an entirely different way. “Rather than incorporating malware into the email in a form of an attachment, cybercriminals are using unsolicited email, or spam, to provide links to compromised Web sites. Unfortunately, there is still a common belief that spam is not a threat but with virtually all of it unwanted, and a dangerous proportion linking to infected Web sites, organizations should secure their email and Web gateways just as fastidiously as their desktops and laptops.” Although many organizations do not, as Sophos notes, most businesses remain unprotected against Web-based threats. “A single policy is the only way an organization will be able to deal with the issues surrounding today’s user utilization of both their internal network and Internet,” believes 24 MESSAGING NEWS AUGUST 2008 Web Mail Threats For road warriors or telecommuters, Web mail can significantly increase productivity. But, does Web mail present a threat? Before answering the question, Nicholas Filippi, product manager for Sendmail, makes a distinction between corporate supported Web mail, and third party Web mail providers. He notes that corporate supported Web mail simply provides a Web-based interface to the corporate email infrastructure. By providing such a service to their employees, they are able to offer remote users access to email without sacrificing control and security. “On the opposite side is third party Web mail (such as Gmail, Yahoo! or Hotmail), which organizations have little to no control over,” states Filippi. “This poses the greatest amount of risk. In addition to the limited control organizations have over this infrastructure, it also poses a significant threat that potentially confidential information is being transferred over a relatively public media. Productivity vs. Security The use of Web mail outside the company email infrastructure is a concern. Filippi gives examples of employees that have taken confidential files and sent them through their personal Web mail accounts to work on them from home. Or others where employees had difficulty Graydon. “As end-users are becoming more content driven and their access to that content is becoming more varied, we are only beginning to see the potential issues that will emerge from a threat and leakage perspective. He details that a single policy must focus on the content and be independent of the access methodology as more novel methods are discovered by users. “We’ve raised email, Web and IM as main areas here, but what about Intranet, Extranet, Internet, wired, wireless, cellular, PC, PDA, phone, and all the myriad combinations there are and will be as users find the next technology? For IT security to provide the solutions and implementations required to secure their organizations, end-users and customers, the focus of security must shift from the transport and delivery of content to sending through their corporate email, and alternatively used their personal Web mail just to complete the task. “In either example, these are well-intentioned employees that unfortunately introduced a significant amount of risk to the organization by not following proper security practices.” It is not as simple as blocking access to Web sites that support Web mail because there are several organizations that unfortunately have to allow this traffic as part of their business workflow. “While they may allow such activity, the policy undoubtedly prohibits any sensitive or confidential information to be transferred via this method. In this situation, organizations should look to technology solutions to provide content-level analysis and enforcement of Web mail.” Typically, comments Filippi, this type of a solution is deployed as a proxy where all Web traffic is passed through it, and where policy can be applied based on the content that is being sent, not just the URL. “Otherwise,” he says, “it does introduce a large security hole where information that should have been communicated internally (within the network boundary), is now being exchanged over infrastructure that is not controlled by the organization, and security is unknown.” SJ/TMP the content itself. By focusing on this goal, a solution that provides one policy will not only solve the multiple protocol issues, but also deal with all the complexities of data, whether at rest, in motion or at an endpoint.” SJ/TMP FOR YOUR REFERENCE BorderWare Technologies, Inc. www.borderware.com Finjan, Inc. www.finjan.com Sendmail, Inc. www.sendmail.com Sophos Plc. www.sophos.com http://www.borderware.com http://www.finjan.com http://www.sendmail.com http://www.sophos.com
For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.