During the past year, e-mail has centrally emerged as a major source of enterprise IT vulnerability. According to the Radicati Group, the average corporate user sent and received 14.7 MB of e-mail data per day in 2004, a 53 percent increase from the previous year.

E-mail is the lifeblood of many businesses. Criminals know this and are targeting messaging systems to cripple communications and commerce. In addition, since email contains a significant amount of vital information, messaging security protects corporate assets and is necessary for compliance with various regulations, such as Sarbanes-Oxley and HIPPA.

Broadly defined, enterprise messaging security includes protection against e-mail borne threats, like trojans, worms, viruses and other forms of malicious code. In addition, employee e-mail abuse must be curbed and in some cases, e-mail must be monitored to assure regulatory compliance. Companies are spending large portions of their budgets counteracting these threats. Ultimately, they are installing systems to accomplish various aims including anti-spam, anti-virus, encryption and policy compliance.

More importantly, unsolicited spam messages, have transitioned from a mere nuisance and productivity hindrance to a significant IT security issue. Many anti-virus and content-based anti-spam solutions are first generation detection techniques capable of stopping amateur hackers attacking large organizations.

However, while the industry matured over the last couple years, spam-based attacks became extremely sophisticated by increased stealth and creation by industry professionals. Phishing, which involves spoofed emails containing bots and application exploits, targets end users for bank account, social security and credit card numbers. , These attacks originated in the United States, propagating eastward toward Russia and Korea. Every day approximately 90,000 newly infected home-based PC’s are generating these attacks and two days later they disappear.