Printer Friendly

Computer security: networks face new email-related threats.

Talk of a "zombie network" might trigger thoughts of B-movie classics like "Night of the Living Dead." But to email protection experts, a zombie network is nothing even faintly amusing: it's one of the latest and most threatening ways of corrupting corporate networks.

Such zombie networks are created through a partnership of email spammers and software virus writers, says Marc Borbas, product manager for Sophos, a British-based company specializing in anti-virus and email protection. Once a specific computer in a network has been infected, it becomes a zombie--in this case, he says, it becomes "an emailing machine that spammers can tap back into." These individual machines can be linked into a "network" designed to evade filtering technology. "These can bypass a lot of systems that look at the sender," Borbas says.

Looking at other concerns in network protection and security, Borbas mentions the illegal exchange of classified or customer data, some of it inadvertent. "Our approach is that [controlling this] is a filtering job," he says. Sophos, for instance, monitors both inbound and outbound email traffic, looking for keywords, types of documents, file extensions, etc. Emails can be routed through a compliance officer, or passed to an encryption system for added security.

Security measures such as email content filtering, attachment filtering and encryption are critical components of regulatory compliance and policy enforcement, as well as automated processes that dictate how violations against corporate policies are handled by HR, compliance officers or CFOs.

Then there's the issue of dealing with sensitive emails, which have become a ripe area for prosecutors digging into archived messages. "That's definitely a huge challenge for lots of companies," Borbas says. Email architecture "wasn't perceived as a means to store messages," and the response "has been relatively manual."

Moreover, because of possible legal ramification, companies may want to delete email messages after 12 months, for instance. But they need a policy and the appropriate technology to do that.
COPYRIGHT 2005 Financial Executives International
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2005, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:businessBRIEFS
Author:Heffes, Ellen M.
Publication:Financial Executive
Geographic Code:1USA
Date:Jun 1, 2005
Previous Article:Key findings about innovation.
Next Article:Financial reporting: companies still lack key reporting data.

Related Articles
Security: is company data an asset or a threat?
One virus engine not enough! (Security).
Secure, or paranoid?
When insiders go outside the lines: for all the money companies have spent to secure their networks' outside perimeters against hackers and viruses,...
Infosecurity Europe 2005.
"Malware evolution: January - March 2005".
Sophos Security report reveals Trojan domination in first half of 2006.
Sophos security threat management report: update July 2006.
Spyware--the hidden threat to business security.
Cyber extortion is now a very real threat--is your business at risk?

Terms of use | Privacy policy | Copyright © 2021 Farlex, Inc. | Feedback | For webmasters |