Maximizing E-mail Security ROI - Part IV - The Digital Monsters under Your Bed:
E-Mail Intruders by CipherTrust
This is the last of
a five-part series on Maximizing Email Security ROI.
Remember your kid fears? As soon as the lights went out, the monsters under
your bed began plotting ways to get you. Somehow, though, you always managed to
outsmart them and make it through the night. Then one night you grew up, and
the monsters went away for good.
Well, they're back. And they've unionized.
International rings of hackers, many backed by funds from organized crime
groups, are the new monsters hiding under your bed-only now they'll attack in
broad daylight. They've realized that there's money to be made by breaking into
your network-lots of money-and they want their "fair share." They have advanced
degrees, financial motivation and plenty of time to figure out ways around
software-based e-mail intrusion "solutions" (yes, even the really, really
expensive one you just installed-sorry).
Once hackers have discovered a way into your network, all bets are off. They
have access to any information residing on your servers, including your
customer database, employee personnel files, bank account numbers and
proprietary product information. They can run denial-of-service attacks to take
down mail servers and disrupt your work environment. They can hijack your
servers and use them as "spam cannons," sending millions of fraudulent e-mails
purporting to be from your company. In short, they can do whatever they want.
This week's newsletter will identify the specific dangers posed by network
intrusions and explain how keeping these new monsters from stealing the digital
lifeblood of your enterprise can ensure that your investment in network
security is handsomely rewarded.
<h2>Determining E-mail Security ROI</h2>
When attempting to extract meaningful hard-cost data to evaluate e-mail
security ROI, damages can be broken into two categories: Ongoing or
Catastrophic. Ongoing costs tend to occur continually and increase in scale.
For instance, a 10% increase in spam volume will result in 10% higher costs.
Catastrophic costs, on the other hand, are "one-and-done" losses that are
intermittent but categorically high when they occur. An example of a
catastrophic cost would be a single security breach that allowed theft of
proprietary intellectual property, causing millions of dollars in losses. In
general, failure to prevent e-mail intrusions will result in expenditures that
qualify as catastrophic. <h2>Liability</h2>
Last week's IronMail Insider discussed the costs associated with
allowing inappropriate material to cross the enterprise gateway or pass between
workstations. The lawsuits resulting from companies failing to enforce e-mail
policy and being held responsible for the messages crossing their networks all
resulted in catastrophic costs to the enterprise.
As with policy enforcement (and encryption, the topic of next week's
newsletter), intrusion prevention is paramount to a company's efforts to comply
with legislation regarding customer, financial and patient information
security. Federal legislation such as
HIPAA, Sarbanes-Oxley and GLBA provides for steep financial penalties
for corporations which fail to take the necessary steps to ensure information
security (up to $250,000 per incident). In addition, potential arrests and
criminal charges for company officers, and costly lawsuits from customers and
patients should provide all the incentive necessary for companies to do
anything possible to protect classified information.
A terrifying example of the liability faced by an organization which fails to
prevent intrusions happened very recently. On August 1, 2004, a database
intrusion occurred through one unsecured computer at the University of
California - Berkeley. The intrusion wasn't discovered until August 30, meaning
the hackers had a full month of unfettered access to the personal information
of as many as 1.4 million disabled and elderly Californians, opening the door
to a potentially devastating class action suit by those affected. This incident
serves as a disturbing reminder that a single workstation can sacrifice the
identities of millions.
<h2>Reputation</h2>
Loss of trust from partners and customers due to a company's failure to prevent
hackers from accessing their network can be just as destructive as any lawsuit.
Failure to prevent intrusions into an e-mail system will leave administrators
with few, if any, options after the damage is done. Business partners will be
understandably reluctant to share any of their proprietary information, and
customers will likely look to your competitors to ensure that their private
data is safe.
Not surprisingly, most companies will go to great lengths to hide the fact that
their systems have been compromised. Over 50% of respondents to the 2004
Computer Crime and Security Survey by the FBI and Computer Security Institute
indicated that they did not report system intrusions to law enforcement or
legal council because of fear of negative publicity. Of course, if they'd had
effective intrusion prevention in the first place, there wouldn't be anything
to report. <h2>Asset/IP protection</h2>
The only way to ensure that all information residing on, or accessible through,
e-mail servers is protected is to make it completely invisible to hackers and
other would-be intruders. While some software-based approaches do serviceable
jobs of detecting intrusion attempts and thwarting them when they happen, the
mere fact that the hacker knows where the network is provides motivation enough
to keep trying to find a way in.
When your company's intellectual property is stolen or otherwise compromised,
the catastrophic costs can be staggering. According to the 2004 Computer Crime
and Security Survey, a total of 269 respondents from U.S. corporations,
government agencies, financial institutions, medical institutions and
universities reported intellectual property losses totaling $11,460,000 in
damages from theft of proprietary information. An unfortunate side note to this
statistic: 98% of the survey respondents had firewall protection in place, a
revealing testament to the ineffectiveness of stand-alone security components.
<h2>Get Rid of the Modern-Day Monsters</h2>
A comprehensive e-mail security approach including elements of anti-spam,
anti-virus, policy enforcement, intrusion prevention and encryption is the most
effective defense against all external and internal threats. For more
information on how to protect your enterprise network from all manner of e-mail
threats, download CipherTrust's FREE whitepaper, ""Securing
the E-Mail Boundary: An Overview of IronMail".
The
final installment of the Maximizing E-Mail Security ROI series
will discuss the issues surrounding encryption of confidential information
contained in e-mail messages.
About the Author
CipherTrust is the leader in anti-spam and email security. Learn more by
downloading our free whitepaper,
"Securing the E-Mail Boundary: An Overview of IronMail"
|
