Phishing. Spyware. Spam. Viruses. Compliance. Technologies to combat these e-mail security problems are proliferating,...
but the application all of them protect remains the bane of many security managers' daily lives.
"We have multiple AV vendors and still we sit, hope and pray," said Jared Martin, executive vice president for Internet service provider BigCity Networks Inc. in Houston. "It's the uneducated end user that causes enterprise-wide outbreaks. One user doesn't realize he can take down an entire enterprise just by clicking."
User awareness is the single biggest problem that needs to be addressed -- and there is no product that can protect an enterprise.
"People put too much trust in things that come into their inbox," Martin continued. "An online training course -- even just a PowerPoint presentation -- could be used to show users some of the common sense things they need to look for and drive home that they are the last line of defense."
Beyond user education, organizations should consider whether they want point solutions to tackle each issue or if they prefer to manage a product that handles more than one task.
"Over the last four years or so admins have deployed separate antivirus and antispam endpoint solutions, making it difficult to manage and patch," said Teney Takahashi, market analyst for The Radicati Group Inc. in Palo Alto, Calif. "Users are moving toward simple management and away from point solutions. Cost is a huge aspect of point solutions -- ongoing maintenance and other costs really build up over time."
Martin stands by products from Tumbleweed, such as Email Firewall, MailGate, MailGate Edge and MailGate Secure Messenger, which he uses together to protect clients at his ISP.
"Filters won't be 100% effective -- ever," Martin said. "No one can keep up with the spammers in terms of filtering, but Tumbleweed writes filters quicker than most."
With Email Firewall, organizations can stop spam, viruses and phishing attacks at the gateway. It also prevents intellectual property leaks through customer-defined content filtering parameters and defines policies based on any characteristic of e-mail, ensuring compliance with industry and government regulations.
But, Richard Applebaum, an e-mail administrator for The State of California, Department of Transportation [Caltrans], swears by the Barracuda Spam Firewall 600 for his 20,000 clients.
"We plugged the Barracuda 600 in and turned it on and immediately saw a 40% drop in spam without configuring it," said Applebaum. "And Barracuda gets rid of 80% to 85% of viruses as well."
"The Barracuda spam solution is the best on the market for the money," he said. "Four Barracuda 600s with support and updates for a year were under $50,000 while competing products were around a quarter of a million." And it fits both small and large organizations without requiring a dedicated spam administrator, he added.
Phishing, an online fraud aimed at gullible users, damages consumer confidence in conducting business over the Internet. It can weaken a company's credibility and diminish the value of its brand. Another big issue for enterprises: e-mails making their way into corporate networks that ultimately glean passwords and account information, employees' personal information and confidential corporate data.
Martin believes it all comes back to user education. "Phishing is becoming an epidemic," Martin said. "E-mail is insecure -- it comes cleartext across the Internet. What type of user thinks their bank would communicate that way?"
Even so, such scams are becoming increasingly clever; recently, stolen financial data began to show up in phishing scams to make the attacks likelier to get a response. When a person sees the correct information in the e-mail, he or she is more apt to trust it's origin, which is a mistake.
"Spam has evolved from just being an advertising tool and is now more malicious," said Takahashi. "They're getting more organized and sophisticated to trick end users."
More than 84% of almost 2,000 frequent Internet users surveyed recently by the Ponemon Institute stated that their computer is, or has been, infected with spyware at some point in the recent past, often resulting in productivity losses. Spyware is often downloaded to a user's computer when he clicks a link, either on a Web site or in an e-mail.
"Spyware, like keystroke loggers, is the next key threat for corporations," Takahashi said.
The biggest problem with antivirus products is getting timely signature updates, but there are ways around that -- both Martin and Applebaum stress that doubling up on AV protection is crucial these days. "AV is only as good as the updates," Martin said. He uses a McAfee e-mail firewall and Kaspersky's antivirus engine for Tumbleweed's MailGate and was glad he did. "We check for updates every 30 minutes so we get updates as quickly as possible without putting too much of a load on the server," Martin said. "Kaspersky caught a Sober variant that McAfee didn't catch for four more hours."
Regulatory compliance brings its own set of issues to e-mail security.
"In terms of SOX, you can't leave yourself open to data breaches -- and there are no SOX or HIPAA package solutions," Takahashi said. "Content filtering is also a must to prevent intellectual property from being transmitted outside the company."
Sybari Software Inc. [owned by Microsoft], Clearswift Limited, StillSecure and Borderware Technologies Inc. are just a few more providers of e-mail security products that can mitigate these issues.
This article originally appeared on SearchSecurity.com.