|Email remains as a source of malware proliferation and is now rapidly become a vehicle of data leakage or exfiltration. Here is a summary from SC Magazine of five of the top products to secure your email!|
Good Netiquette to all!
by Peter Stephenson September 02, 2014 scmagazine.com
We have seen email encryption for some years now, but in the face of inbound threats we have a new problem: unintended data exfiltration.
In the face of external email-borne attacks, email security should reflect the three basic aspects of security: confidentiality, integrity and availability, says Peter Stephenson.
This month we take a deep dive into email security. Looking at the products we have this year in contrast to last year's bunch we found that the new functionality is remarkable for its innovation and convergence with other, similar product types. Briefly, email gateways are more comprehensive than ever before and this is a big benefit to users.
The players this year are a mix of old and new. The old standbys, mellowed and matured by experience, have come up with some interesting new wrinkles on old themes. To reverse a metaphor, this is new wine in old bottles, surely a good thing if the vintner knows what it's doing.
Old school email security was pretty much encrypt to outgoing email and stop the phishing attacks. Occasionally we would see non-repudiation and there were some specialized products that did things such as destroy outbound messages after some period of time. A lot of that functionality moved into data leakage protection and now, ironically, some DLP functionality is moving into email security gateways.
A good place to start is to get a bit of a handle on what we mean by email security, then. For that we referred to a paper called "Email Security Threats," written for SANS Reading Room by Pam Cocca. Ms. Cocca tells us that email security should reflect the three basic aspects of security: confidentiality, integrity and availability. She tells us that confidentiality means that email "...is protected from unauthorized access." Integrity means that "...it has not be modified or destroyed by an unauthorized individual." And, availability means "...ensuring that mail servers remain online and able to service the user community." We think Cocca is on the right track and we will use her definitions as our straw-man. (Incidentally, we recommend her paper which can be found with a simple Google search).
While this month's products do not particularly address availability, they certainly address the other two. And, if we reverse Ms. Cocca's availability definition a bit to reflect keeping our systems online and available in the face of external email-borne attacks, she's right on target. So, let's look at each of these criteria in the context of selecting a product to secure your email communications channel.
Confidentiality is simple...on the surface. We have seen email encryption for some years now, but in the face of inbound threats we have a new problem: unintended data exfiltration. We usually look to DLP systems for that, but why not look to our email gateway? Why not, indeed? And that is what at least one of this month's products does. So, to address confidentiality we should look for encryption - which needs to be easy to use and as transparent to the user as possible, including the users on both ends of the message - and we should look at how we might benefit from having some DLP functionality built in. How much, of course, is up to you and what tools you have currently deployed.
Attachments also can pose a confidentially issue. For that we tend to use something such as DropBox secured with some form of encryption, such as nCrypted Cloud. Some of this month's products address that requirement directly as well, adding both security and convenience to the mix.
Integrity is an extension, functionally, of confidentiality. By that we mean that achieving confidentiality in the ways we describe may very well address integrity as well. For example, if I encrypt an email and I ensure its integrity by applying a hash, tampering - decrypting attempts - may reflect in the hash. There are other ways to address integrity and it is important that you examine the product for some form of protection in this area.
Finally, we come to availability. We do not want inbound email-borne malware to affect our internal systems. To some degree, this also impacts integrity since databases may be altered by mail-borne malware attacks. One of the important - and traditional - functions of an email security gateway is thwarting these attacks, which may be the result of some form of phishing or infected (html) email. This aspect - the most important functionality traditionally and still extremely important - is critical to a good email security product and you should look carefully at how the tool accomplishes this protection as well as how effective it is.
So, that takes us to the end of our ramblings and to the succinct analysis by our lab. There are good products - old and new - in this batch and we commend them to you for your perusal. The group is small but, we believe, rather elite. On with the show!
All products in this group test
**Important note** - contact our company for very powerful solutions for IP management (IPv4 and IPv6, security, firewall and APT solutions:
In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” will be published soon follow by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:
If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo. I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications.
Lastly, I am the founder and president of Tabula Rosa Systems, a company that provides “best of breed” products for network, security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT product information for virtually anyone.