Messaging News - December 2008 - (Page 29) also getting more aggressive with companies that fail to implement enforceable EPM, especially after a breach. The five-year, ongoing security audits we [see] mandated by the government are very expensive and are an attempt to make sure companies put in real, enforceable EPM solutions, not just ‘light and fluffy’ paper policies.” Lev believes that failing to keep tabs on employee use of company resources creates far too high a risk to ignore. “For example, a small company that doesn’t enforce its email or browsing policy may have an employee that views pornographic messages or inappropriate Web sites while at work. If any of the other employees are exposed to it, they could easily sue the company for sexual harassment and win. There is a lot of precedent for that type of lawsuit.” Says Husain, “For many businesses the financial risks of not having EPM are huge. Eighty percent of corporate IP is communicated via email. Imagine the loss attributed to a failed email service or days or weeks of lost email.” To that end, AppAssure offers Replay, a next generation, continuous application protection solution that reduces email retention costs, while accelerating application recoveries from hours to minutes. Policy management, in all of its incarnations, seems to always lead back to security. Lack of email policy and the vendor solutions necessary to enforce it is much like leaving the back door to the house unlocked. It’s closed, but it only takes one person trying the knob to know how to get in. “It’s a security driven issue in many respects,” explains Osterman. “There are so many things that can go wrong through normal acceptable use of email, Web, IM, etc. People make mistakes. Take for instance the Pfizer employee that installed a peer-to-peer app on her laptop with the sole intent of sharing music. It ended up exposing the personal records of 14,000 Pfizer employees. Certainly you need policies that say, ‘Don’t install anything on your laptop or desktop that is not IT approved’ but you also need a system in place that will sniff it out and that will say, ‘Okay this looks like BitTorrent traffic, it looks like it’s allowing file sharing through IM,’ and then you need the ability to lock that stuff down.” For companies looking to streamline their EPM, Kosaka believes they need look no further than Trend Micro’s Messaging Security product line, which includes new additions such as email archiving, email encryption and endpoint-based data leak prevention for messaging. For customers looking for an integrated, centrally managed EPM solution, Trend Micro also offers NeatSuite Advanced. “No matter which vendor solutions they choose,” says Lev, “Companies should look for multi-purpose solutions (like UTMs and other gateway appliances) that offer access to best-of-breed technologies from within a single box. They should also verify that their solution of choice has an “in the cloud” security component in order to make sure they are being kept up-to-date on the newest attack vectors and their defenses. More importantly, they should make sure their current solution addresses their needs for the next five to seven years.” MB/TMP What Lies Ahead? Here is what our sources had to say when we asked for email policy management (EPM) predictions for 2009. “There is widespread recognition of frequent, unintentional data leaks, with email being the most frequent channel for these breaches. I expect there will be an increased focus on protecting sensitive data leaving companies,” thinks Glen Kosaka, director of Data Protection Marketing at Trend Micro. “Given the increasing regulatory climate—with some U.S. states mandating encryption when emailing private data—technologies such as data leak prevention (content filtering) and email encryption will become mainstream to companies of all sizes and in all industries.” Michael Osterman, principal of Osterman Research says, “I think 2009 is going to be a big year for policy management, particularly as it relates to encryption and archiving. Part of that is going to be driven by the financial meltdown. There’s going to be a lot more scrutiny of corporate behavior as the U.S. government becomes “investors” in companies like AIG and Freddie Mac and potentially the auto makers.” Najaf Husain, founder, CEO and president of AppAssure feels that the coming year will be focused on backup re-design and how to get the most out of current infrastructure. “Next generation application protection solutions that blend EPM with email protection are positioned well.” “Because there are so many compliance areas—each of which often needs its own technology solution—I believe that more companies will be offering combined compliance solutions that make use of best-of-breed technologies to create a ‘one-stopshop’,” concludes Amir Lev, CTO of Commtouch. MB/TMP FOR YOUR REFERENCE AppAssure www.appassure.com Commtouch www.commtouch.com Osterman Research www.ostermanresearch.com Trend Micro, Inc. www.trendmicro.com messagingnews.com 29 http://www.appassure.com http://www.commtouch.com http://www.ostermanresearch.com http://www.trendmicro.com http://www.messagingnews.com
For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.