Security
  Home
  Subscribe
  Subscribe to eNewsletter
  Subscription Customer Service
  Online
  Security Newswire
  Daily News
  eNewsletter Archive
  Bill’s Blog
  Solutions by Market
  Laura’s Blog
  Classified
  Digital Edition
  Webinars
  Showrooms
  eCards
  SDMMag.com
  SmartHome Mag.com
  Print
  Security's Current Issue
  Product of the Month
  Training & Education
  Zalud Report
  Innovations
  Guides & Reports
  The Security 500
  Annual Buyers Guide
  Top Guarding Companies
  Events
  Securing New Ground
  Security 500
  SecurityXchange Enterprise
  SecurityXchange for Integrators
  Resources
  Online Reader Service
  Industry Links
  Archives
  Career Center
  Event Calendar
  List Rental
  Resources
  Info
  Contact Us
  Media Planner
Search in: EditorialProductsCompanies
E-gad! E-mail Security Gets More Complex
by Bill Zalud
September 11, 2008

ARTICLE TOOLS
EmailEmailPrintPrintReprintsReprintsshareShareshare Use



A corporate-wide data loss prevention initiative to avoid any accidental loss of private or proprietary information includes automatic encryption of the messages, said Karl Anderson, network security manager at Domino’s Pizza.

First out of the chute: Don’t fall for the CNN.com Top News e-mails or the MSNBC.com Top News e-mails. They are fake and dangerous. If you click, you’ll get a load of sophisticated viruses.

 
Second, with billions of e-mails and Instant Messages flying across enterprise and personal computers and cell phones daily, it’s no wonder that there are growing security and privacy headaches. And, there is no doubt that e-mail traffic can run you over coming and going. With the increase in gas prices, corporations and government agencies are encouraging – if not giving up on trying to stop – telecommuting.

 
However, personal and private information related to both employees and their employers may be compromised by telecommuting staff if privacy risks are not dealt with effectively, according to a report developed by Ernst & Young LLP and the Center for Democracy and Technology.



Get a Crush on Smishing

Among the charms of the e-mail encryption system was the ease of integrating into Karl Anderson’s existing infrastructure as well as the quick learning curve of the software for users.

And it’s no surprise that the geeks and vendors have coined new cyber world words in the never-ending effort to keep up with the explosion of e-mail-centric threats.

   
There’s smishing: A recent trend that usually involves use of VoIP phone number accounts obtained through e-mail phishing attacks. Recent evil e-mail devices (CNN.com, for example) no longer distribute viruses as an attachment, but rather host the virus on a Web site and distribute e-mails that link to it. And today a crush is not puppy love or a soft drink but it’s an attack distributed through SMS messaging, e-mail and social network communication that entices users to login to a Web page and unknowingly opt in for a premium rate SMS service.

   
Karl Anderson has his eye on the various security concerns centering on e-mail.

   
Network security manager at Domino’s Pizza, he said, “At Domino’s we are in the process of implementing a corporate-wide data loss prevention initiative to avoid any accidental loss of private or proprietary information. We realized that e-mails being sent to partners and vendors, such as insurance providers, may contain information, like Social Security numbers, that must be encrypted before sending.”

   
So the giant pizza retailer brought in technology -- SecureMail from Voltage Security -- to provide corporate-wide e-mail protection by easily encrypting e-mails containing sensitive corporate or private personal information being sent to anyone, anywhere. It’s part of a corporate-wide data loss prevention initiative. “I can’t imagine any company not needing this,” said Anderson, who was surprised to find an enterprise solution that integrated so easily within his existing infrastructure, and one that required little -- if any -- end-user training.

   
The system will encrypt e-mails sent between corporate headquarters in , and among key partners and vendors. The technology automatically flags those e-mails containing sensitive data and encrypts them prior to sending. Decisions about encryption are based on pre-set policy, not by individuals on a one-off basis. A secure application enables the recipient to read an encrypted e-mail without first downloading and installing client software.

   
Still there is the other side of the coin.

   
University of Iowa police are glad one of their political science professors did not encrypt his e-mail. The police recently gathered dozens of e-mails sent to and from the professor’s UI account in which messages allegedly offered improved grades in exchange for sexual favors from female students.

   
The professor’s e-mails to several students allegedly mentioned setting up meetings to talk about a grade, extensions for work or assistance and an offer from the professor to “negotiate,” according to media reports.

   
The retrieval of enterprise and personal e-mail has become big business as law enforcement and Federal and state regulators find evidence and supporting documents in the never-say-die e-mails.

Bill Zalud
zaludb@bnpmedia.com
Bill is the Editor Emeritus of Security Magazine, and he can be reached at (773) 929-6859.

|PrintEmail

Did you enjoy this article? Click here to subscribe to the magazine.

Sponsors 

Home Security Systems





Resources + Guides

Buyers GuideBuyers Guide
Your Complete Industry Resource.

Click for digital Buyers Guide
eNewsletterseNews Signups
Subscribe to our free eNewsletters.

Security 500 RankingSecurity 500 Ranking
See Security’s biggest and best.








© 2009 BNP Media. All rights reserved. | Privacy Policy