Messaging Behind Closed Doors - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Healthcare // Analytics
Commentary
10/27/2005
08:04 PM
Mitch Irsfeld
Mitch Irsfeld
Commentary
50%
50%

Messaging Behind Closed Doors

It used to be the case that internally created and internally transmitted messages (the oldest form of e-mail) were of little threat to the security posture of an organization. That was before we actually started monitoring what went on behind closed doors, so to speak. Organizations started paying a little more attention to internal messages once compliance and legal requirements made it more important to do so. But the focus for e-mail protection has always been on incoming messages, and more

It used to be the case that internally created and internally transmitted messages (the oldest form of e-mail) were of little threat to the security posture of an organization. That was before we actually started monitoring what went on behind closed doors, so to speak.

Organizations started paying a little more attention to internal messages once compliance and legal requirements made it more important to do so. But the focus for e-mail protection has always been on incoming messages, and more recently, outbound messages. But there is still a heck of a lot of messaging going on behind the firewall, and security and compliance vendors have only recently begun to address it.Compliance with internal policies and external regulations might be a driver but it isn't the only reason to monitor internal messages. With all the mobile devices that divide their time on and off the corporate network, it's becoming easier for malware to slip into the organization via someone's briefcase. Message attachments don't have to pass through a firewall if they ride in on portable media or get stored as a file and duplicated before a device is synched up with a server.

The good news is that you no longer have to purchase and manage separate control systems to monitor inbound/outbound and internal message traffic. For Exchange servers, Nemx just brought out a new version of its SecurExchange product that monitors what Nemx president John Young calls the four critical levels of security: Inbound threats; outbound policy violations, internal monitoring for enforcing compliance and acceptable use policies; and after-the-fact scanning to locate violations in existing message stores.

That's a step in the right direction. Expect more and more vendors to do something similar. But those with appliance-based systems that sit at the perimeter will have to work up a new way to include internal protection.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Slideshows
IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
Commentary
Preparing for the Upcoming Quantum Computing Revolution
John Edwards, Technology Journalist & Author,  6/3/2021
News
How SolarWinds Changed Cybersecurity Leadership's Priorities
Jessica Davis, Senior Editor, Enterprise Apps,  5/26/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Slideshows
Flash Poll