Enterprises Target New Barrage of E-mail Security Threats

Date: Monday, November 17, 2008

During the past year, e-mail has emerged as a major source of enterprise IT vulnerability. According to the Radicati Group, the average corporate user sent and received 14.7 MB of e-mail data per day in 2004, a 53 percent increase from the previous year.

E-mail is the lifeblood of many businesses. Criminals know this and are targeting messaging systems to cripple communications and commerce. In addition, since e-mail contains a significant amount of vital information, messaging security protects corporate assets and is necessary for compliance with various regulations, such as Sarbanes-Oxley and HIPAA.

Broadly defined, enterprise messaging security includes protection against e-mail-borne threats such as trojans, worms, viruses and other forms of malicious code. In addition, employee e-mail abuse must be curbed and, in some cases, e-mail must be monitored to assure regulatory compliance. Companies are spending large portions of their budgets counteracting these threats. Ultimately, they are installing systems to accomplish various aims, including anti-spam, anti-virus, encryption and policy compliance.

More importantly, unsolicited spam messages have transitioned from a mere nuisance and productivity hindrance to a significant IT security issue. Many anti-virus and content-based anti-spam solutions are first-generation detection techniques capable of stopping amateur hackers attacking large organizations.

However, while the industry matured over the last couple of years, spam-based attacks became extremely sophisticated, with increased stealth and creation by industry professionals. Phishing, which involves spoofed e-mails containing bots and application exploits, targets end users for bank account, social security and credit card numbers. These attacks originated in the United States, propagating eastward toward Russia and Korea. Every day approximately 90,000 newly infected home-based PCs are generating these attacks, and two days later they disappear.

E-mail-borne viruses are common. Spam is often the vehicle for dispersing viruses that can cripple an IT network, a combination called "blended threats". A messaging security solution must be capable of detecting and eliminating blended threats. Anti-virus vendors will soon transition from signature to malware detection, primarily because an e-mail-borne attack can often occur before a signature is created. Application-level detection will need to evolve to detect malicious attachments.

Beyond anti-spam and anti-virus, e-mail security is vital for regulatory compliance. Enterprises require a holistic solution to detect and apply necessary policies. Encryption is a double-edged sword. It is required for certain communications, such as those involving compliance and general security, but should be denied in other scenarios. Protecting intellectual property is a key piece of this puzzle. Administrators are challenged to create and subsequently enforce policy. Instant messaging is increasingly replacing e-mail, and transferring files using this protocol creates a gaping hole. Most enterprises are unaware of what happens on public IM networks like Yahoo, MSN, and AOL. The protocol variance and lack of a standard in instant messaging create difficulties in meeting industry regulations.

E-mail security is an enormous problem. Each year millions of IT dollars are spent to protect an enterprise's infrastructure. Additionally, the market space for anti-spam and e-mail security is projected to increase dramatically in the next few years. That is an enormous amount of IT spending, but e-mail is one of the primary veins of an enterprise. Because of this, neither hackers nor the security professionals trying to stop them will overlook it. Additionally, regulations have begun to require all messages to be archived for a period of seven years in the US alone. Spam has indeed transitioned from being a mere nuisance to a massive problem, imposing a huge productivity, network bandwidth, and storage burden as the sheer volume of spam keeps doubling every 3 years.

Enterprises want a single point of focus to define the policy and enforce it by applying rules to all access points. They are required to advance towards a cohesive security approach that creates an ecosystem out of the various components of the messaging architecture. Even as technology evolves around various threats, enterprises need sound policy management and vigilant enforcement to ensure the needed level of security.

Guru Rajan is Chief Architect at CipherTrust, which provides messaging security to more than 1,400 organizations worldwide. He has nearly 20 years of experience in the IT industry. He is a member of the Institute of Electrical and Electronics Engineers (IEEE) and the Indian Professional Network. He can be reached at guru.rajan@ciphertrust.com.