CipherTrust | Email Security and Anti Spam Resources and Systems

Sarbanes-Oxley: A Cross-Industry Email Compliance Challenge

Tue, 5 Apr 2005 10:41:57 -0400

The bulk of financial information in many companies is created, stored and transmitted electronically, maintained by IT and controlled via information integrity procedures and practices. For these reasons, compliance with federal requirements such as the Sarbanes-Oxley Act (SOX) is heavily dependent on IT. Companies that must comply with SOX are U.S. public companies, foreign filers in U.S. markets and privately held companies with public debt. Ultimately accountable for SOX compliance are the corporate CEO and CFO, who will depend on company finance operations and IT to provide critical support when they comply with the SOX requirement to report on the effectiveness of internal control over financial reporting.

Alert: New HIPAA Rules Could Affect Your Organization

Mon, 28 Mar 2005 10:32:46 -0400

On April 21, 2005 (just over three weeks from today), a new Health Insurance Portability and Accountability Act (HIPAA) security rule goes into effect. The requirements of this rule, which are basically information security best practices, focus on the three cornerstones of a solid information security infrastructure: confidentiality, integrity and availability of information. The imminent HIPAA regulatory requirements encompass transmission, storage and discoverability of Protected Health Information (PHI). Given the widespread use and mission-critical nature of email, enforcement of HIPAA encryption policies and the growing demand for secure email solutions, email security has never been more important to the healthcare industry than it is right now.

GLBA: Raising Email Security Awareness

Tue, 22 Mar 2005 10:20:51 -0400

Just a few weeks ago, one of the world’s largest banks announced that it had lost computer data containing the personal information of an estimated 1.2 million federal employees, including some members of the U.S. Senate. The missing information includes Social Security numbers and account data for government employees who use the bank’s charge cards for travel and expenses. In the aftermath of these revelations, the ability of banks and other financial institutions to safeguard our personal information has been called into question by consumers and government alike. Predictably, we are beginning to hear the rumblings of additional legislation, but there have been laws protecting consumer financial information on the books for years – laws such as the Gramm-Leach-Bliley Act (GLBA).

Intellectual Property Theft Has Never Been Easier - Is your enterprise protected?

Tue, 15 Mar 2005 09:12:20 -0400

Intellectual property (IP) is at the core of any business. Confidential manufacturing processes, financial information, customer lists, digital source code, marketing strategies, research data or any other compilation of information used to obtain competitive advantage could be deadly to your enterprise if it ends up in the wrong hands. Learn the necessary precautions you need to take to prevent this sort of loss.

The Anti Spam Challenge – Minimizing False Positives

Tue, 15 Mar 2005 09:11:51 -0400

As costly as spam is, the cost of incorrectly filtering legitimate email is much higher. Whereas some consumer anti spam solutions consider a small number of false-positives to be acceptable, in the business environment achieving zero false-positives is absolutely critical. The solution to this delimma is to develop anti spam solutions that learn and adapt to individual organizations.

2005: An Email Compliance Odyssey - Get your enterprise ready to comply with multiple federal information privacy laws

Tue, 15 Mar 2005 09:10:09 -0400

Federal legislation targeting the dissemination of private information has forced businesses in every industry to rethink how they communicate. The three primary regulations, the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA) and Sarbanes-Oxley (SOX) affect virtually every aspect of an organization’s information sharing practices, and complying with these laws requires a new approach to communication as a whole.

Hall of Shame - The Bad Boys of UCE

Tue, 22 Feb 2005 16:09:39 -0400

While we’re all very familiar with the spam messages we receive each day, it is interesting to take a look at who these spammers are – to put a “face” to the problem, as it were. This article details four of the most notorious and prolific spammers in the world.

Maximizing E-mail Security ROI - Part V – A New Twist to an Old Problem: Email Encryption

Fri, 11 Feb 2005 09:41:13 -0400

While email has become a mission-critical application, it also raises important privacy and security concerns. Sensitive personal and business communications are vulnerable to the prying eyes of hackers, industrial spies and others who would love to have access to information not intended for them. Learn what you need to know about Email Encryption.

Maximizing E-mail Security ROI - Part IV – The Digital Monsters under Your Bed: E-Mail Intruders

Fri, 11 Feb 2005 09:39:30 -0400

There are very real dangers posed by network intrusions. Keep these monsters from stealing the digital lifeblood of your enterprise and ensure that your investment in network security is handsomely rewarded.

Evict the Spammers from Your Inbox - Block Spam and Other Email Threats From Entering Your Gateway

Thu, 10 Feb 2005 09:33:44 -0400

Spam, commonly defined as unsolicited commercial email, is a powerful advertising channel for many products and services. As a result, spamming has become a profitable business, driven by the low cost of sending email compared to other direct marketing techniques. Learn what you need to know to implement an effective anti-spam program in your company.

Your Reputation Precedes You - A Look at the Past, Present and Future of Email Reputation Systems

Thu, 10 Feb 2005 09:28:41 -0400

Many enterprises rely on an email security solution based solely on message content; identifying the source of a particular message never enters the equation. The next generation of reputation-based spam filters are more accurate and efficient than ever by making intelligent use of a sender's historical behavior.

Maximizing Email Security ROI: Part III - No More Mr. Nice Guy: Enforcing E-Mail Policy

Mon, 6 Dec 2004 09:14:58 -0400

An effective email policy should be all-encompassing, helping organizations comply with federal regulations, protect intellectual property and prevent offensive materials from being transmitted across their networks. This article details the issues involved in corporate email policy enforcement, and provides real-world examples of compliance issues faced by corporations every day.

Maximizing Email Security ROI: Part II - Stop Viruses Before They Stop You

Fri, 19 Nov 2004 09:44:06 -0400

Across the spectrum of information security risks, most casual users understand the dangers posed by viruses and worms. Network administrators have even more reason to fear a virus attack, as a successful assault can cripple corporate networks for days. This article details the hard and soft costs associated with virus attacks on an organization's network.

Maximizing Email Security ROI: Stop Spam and Save!

Tue, 16 Nov 2004 15:47:45 -0400

This article details the issues involved in calculating the actual cost of spam to an organization including the harder to measure catastrophic costs incurred through legal liabilities and damage to an organization's reputation that can be caused by an ineffective spam filtering technology.

Increase Efficiency with Intelligent Email Traffic Control

Fri, 5 Nov 2004 15:59:42 -0400

The email security challenges for enterprises today do not stop at identifying and blocking spam. With spam volumes continuing to increase at an incredible rate, the new challenge is to more efficiently handle the huge volumes of mail, without increasing costs. This article explains in-depth how organizations are using IronMail's new Connection Control capabilities to more efficiently handle large volumes of spam.

3 Criteria for Controlling Enterprise Spam - Or: T*ake Y O U R email ba & ack + From the Sp@mmers! 0400constrictor bubble snake informational

Thu, 4 Nov 2004 14:56:40 -0400

If you have a business, then you have a spam problem. The efficiencies of communicating through e-mail not only benefit organizations like yours; they also benefit the spammers who profit off of sending pernicious e-mails to millions of people every day. In fact, spam is so cost-effective that it costs less than $0.0004 to send a single spam. That’s 25 emails for just one penny! This article explains the three most important ways you can secure your e-mail system against spammers and contains a link to even more detailed information on regaining control over your company's inbox.

Secure Your E-mail Systems - Protecting Against Port 25 Vulnerabilities

Thu, 4 Nov 2004 14:56:10 -0400

Protecting networks from viruses and hackers has traditionally been the responsibility of the Firewalls, Virus Scanners, and Intrusion Detection Systems (IDS) set up by enterprises as a defense against the myriad attacks they come under each day. These measures prevent attacks against the network on every port except port 25 and port 110 – the ports used by SMTP (Simple Mail Transfer Protocol) and POP (Post Office Protocol) to transmit e-mail from one server to another.

How Spammers Fool Spam Filters And How YOU Can Stop Them

Thu, 4 Nov 2004 14:53:51 -0400

Effectively stopping spam over the long-term requires much more than blocking individual IP addresses and creating rules based on keywords that spammers typically use. The increasing sophistication of tools spammers use coupled with the increasing number of spammers in the wild has created a hyper-evolution in the variety and volume of spam. The old ways of blocking the bad guys just don’t work anymore. This article explains in-depth what methods are used to block spam, how spammers circumvent those methods, and what you can do about it.

Email Security Governance: Email Encryption and Authentication

Thu, 4 Nov 2004 14:53:04 -0400

While recent government regulations vary in scope and purpose, the need to protect and ensure the integrity of information is universal. Much of the information germane to business today is assimilated and communicated over messaging platforms such as email. As a result, the need for a comprehensive approach to the secure delivery of email affects almost all organizations, regardless of industry or size. As with many management challenges, the unknown is the most significant cause for concern. In the case of email and messaging security, the most ominous threat is often the lack of ability to measure information flowing in and out of the corporate email network.

Why Corporations Need to Worry About Phishing

Thu, 4 Nov 2004 14:51:31 -0400

Phishing is a relatively new form of online fraud that focuses on fooling the victim into providing sensitive financial or personal information to a bogus website that bears a significant resemblance to a tried and true online brand. Typically, the victim provides information into a form on the imposter site, which then relays the information to the fraudster.
Although this form of fraud is relatively new, its prevalence is exploding. From November 2003 to May 2004, Phishing attacks have increased by 4000%. Compounding the issue of increasing volume, response rates for phishing attacks are disturbingly high, sometimes as high as 5%, and are most effective against new internet users who are less sophisticated about spotting potential fraud in their inbox.

Detecting and Eliminating Computer Viruses at the Gateway

Thu, 4 Nov 2004 14:49:39 -0400

In the past, network administrators scrambled to apply new virus signatures whenever new computer viruses were discovered. While these signatures will stop a known threat, it takes time for anti-virus vendors to develop them. Unfortunately, the newest and most damaging viruses are able to spread so quickly that the damage is done before a signature can be developed and distributed.
As a result of recent malware threats, corporations and organizations have learned a painful but important lesson: simply deploying a signature-based solution is no longer enough. Detecting and eliminating computer viruses requires a multi-faceted, rapid-response approach that traditional anti-virus protection cannot provide. Even a single unprotected computer on an enterprise network can bring down the entire system in just minutes, rendering even the most expensive and up-to-date software useless.

How Sarbanes-Oxley Affects Corporate E-Mail Systems

Thu, 4 Nov 2004 14:48:52 -0400

As the primary communication tool for corporations, e-mail systems play a critical role in ensuring effective internal control over financial reporting and, ultimately, Sarbanes-Oxley compliance. All public U.S. companies, foreign filers in U.S. markets, as well as companies with public debt must comply with Sarbanes-Oxley. While many of the provisions of Sarbanes-Oxley are considered industry best practices, the legal ramifications of the Act create a sense of urgency for technology managers to become familiar with its legal requirements, as they affect both email and network systems.

Does Your Reputation System Have a Bad Rep?

Thu, 4 Nov 2004 14:47:44 -0400

The recent spike in the volume of spam traveling across the Internet, combined with the dangers of phishing and virus attacks that frequently accompany these messages, has forced enterprises to reconsider how they determine which messages will be allowed past their gateways. The latest advances in anti-spam technology have been enabled in part by the use of reputation services which determine the “good” and “bad” senders based on which senders prevent spam, viruses and other unwanted email from being sent from their servers. There are several approaches to determining a sender’s reputation; some more effective than others. This article details the strengths and weaknesses of various approaches to reputation-based email filtering, and how such approaches should be implemented in the enterprise.

How HIPAA Security Policies Affect Corporate E-mail Systems

Wed, 20 Oct 2004 09:54:29 -0400

Collaboration between healthcare professionals, their colleagues, their patients, and employers has grown progressively more digital, and e-mail has played an ever-increasing role in this communication. Although many consider HIPAA security policies to be the sole concern of health care providers, they also affect corporate email systems as Human Resources departments become increasingly involved in transmitting employee information electronically. This article explains what you need to know to bring your email security programs into compliance with HIPAA regulations.