Computer security: networks face new email-related threats.
Such zombie networks are created through a partnership of email spammers and software virus writers, says Marc Borbas, product manager for Sophos, a British-based company specializing in anti-virus and email protection. Once a specific computer in a network has been infected, it becomes a zombie--in this case, he says, it becomes "an emailing machine that spammers can tap back into." These individual machines can be linked into a "network" designed to evade filtering technology. "These can bypass a lot of systems that look at the sender," Borbas says.
Looking at other concerns in network protection and security, Borbas mentions the illegal exchange of classified or customer data, some of it inadvertent. "Our approach is that [controlling this] is a filtering job," he says. Sophos, for instance, monitors both inbound and outbound email traffic, looking for keywords, types of documents, file extensions, etc. Emails can be routed through a compliance officer, or passed to an encryption system for added security.
Security measures such as email content filtering, attachment filtering and encryption are critical components of regulatory compliance and policy enforcement, as well as automated processes that dictate how violations against corporate policies are handled by HR, compliance officers or CFOs.
Then there's the issue of dealing with sensitive emails, which have become a ripe area for prosecutors digging into archived messages. "That's definitely a huge challenge for lots of companies," Borbas says. Email architecture "wasn't perceived as a means to store messages," and the response "has been relatively manual."
Moreover, because of possible legal ramification, companies may want to delete email messages after 12 months, for instance. But they need a policy and the appropriate technology to do that.
|Printer friendly Cite/link Email Feedback|
|Author:||Heffes, Ellen M.|
|Date:||Jun 1, 2005|
|Previous Article:||Key findings about innovation.|
|Next Article:||Financial reporting: companies still lack key reporting data.|