Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

4/24/2007
09:35 AM
50%
50%

Vendors Crank Up Email Security

Security specialists take aim at the chink in users' mail security armor

As users look to lock down crucial email and messaging and avoid embarrassing snafus, security vendors are cranking up their efforts to please.

Today, for instance, email security specialist Forensic Compliance Solutions (FCS) signed a deal with Canton, Mass.-based Network Engines to manufacture archiving devices for users scrambling to overhaul their email strategies. (See FCS, Network Engines Team.)

Network Engines, which also builds a storage array for EMC and a network access control appliance for Bradford Networks, will now build U.K.-based FCS's Cryoserver box and distribute the appliances amongst U.S. resellers.

At least one user told Byte and Switch that he needs a specialist archiving appliance to safeguard key email data. "We're able to find emails that were deleted from inboxes," says Charlie Tonkiss, IT manager at London, U.K.-based engineering firm Whitbybird, noting that his industry can be quite litigious.

Whitbybird is using two Cryoserver boxes to store all emails leaving and entering the company, according to Tonkiss. The firm can now prove that a certain email was sent and responded to on a given day, he says.

Prior to deploying the Cryoservers, all emails were backed up to tape, which proved problematic when Whitbybird needed fast access to a specific email. "Before, I would have had to build a second email server to restore all the data onto and then search through the inboxes," says Tonkiss, adding that this typically took a couple of days.

The exec has now managed to slash this search time to below a minute. "I have just used [the Cryoserver] to pick up emails from early 2005, and it took about 30 seconds to find them," he says.

A number of vendors are currently playing in this space, and Tonkiss told Byte and Switch that he looked at KVS, which was later bought by Symantec, and eVault, which was later acquired by Seagate, prior to deploying the Cryoservers. The FCS kit was more user-friendly and offered better compliance features than the competition, he says.

The exec explains that in Europe there are extremely strict laws on who can access email, something which worked in the favor of FCS. "The Cryoservers can prevent people from doing frivolous searches on other peoples' mailboxes," he says, adding that KVS and eVault would have required "various third-party components" to reach the same level of compliance.

Email security and archiving have gained momentum in recent months. In March, processor giant Intel revealed that it had struggled to find some emails relevant to its anti-trust battle with AMD. Emails are also at the heart of the political funding scandal that has rocked the U.K. government. (See Intel's Email Maelstrom.)

Responding to the trend, software vendor Gordano beefed up its Vanguard security solution with anti-spam and anti-virus features, and startup Orchestria is planning to bolster its ability to lock down Web-based messages. (See Gordano Unveils New Vanguard, Orchestria Issues Email Warning, and Orchestria Adds Intelligence.)

Orchestria is focusing not on archiving but on users' efforts to stop inappropriate and litigious emails from leaving corporate HQ in the first place. "People are just doing stupid things with email, and they think that there are no ramifications," says Michael Rothschild, senior director of the vendor's product division.

Email is at the heart of the ongoing scandal surrounding the firing of eight U.S. attorneys, and reports suggest that email played a part in the recent departure of former Starwood CEO Steven Heyer.

Orchestria's eponymous software works by installing an agent on messaging servers and laptops, which checks outgoing emails for keywords ranging from "confidential" to "sex." These can then be "quarantined" to prevent them from leaving the organization.

The next version of the product, launched next month, will monitor Web-based online transactions, according to Rothschild. "It will be able to pick up the fact that you're buying a ticket from an unapproved online vendor," he explains, noting that this will involve scanning the text of the message.

Pricing for the upgraded solution will start at $25 per user, although Rothschild told Byte and Switch that he is also planning a hardware-based version of the product for later in the summer.

— James Rogers, Senior Editor Byte and Switch

  • Advanced Micro Devices (NYSE: AMD)
  • EMC Corp. (NYSE: EMC)
  • EVault Inc.
  • Gordano Ltd.
  • Intel Corp. (Nasdaq: INTC)
  • KVS Inc.
  • Morgan Stanley
  • Network Engines Inc.
  • Orchestria Corp.
  • Seagate Technology Inc. (NYSE: STX)
  • Symantec Corp. (Nasdaq: SYMC)

     

    Recommended Reading:

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 7/14/2020
    Omdia Research Launches Page on Dark Reading
    Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
    Why Cybersecurity's Silence Matters to Black Lives
    Tiffany Ricks, CEO, HacWare,  7/8/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon
    Current Issue
    Special Report: Computing's New Normal, a Dark Reading Perspective
    This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
    Flash Poll
    The Threat from the Internetand What Your Organization Can Do About It
    The Threat from the Internetand What Your Organization Can Do About It
    This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-11083
    PUBLISHED: 2020-07-14
    In October from version 1.0.319 and before version 1.0.466, a user with access to a markdown FormWidget that stores data persistently could create a stored XSS attack against themselves and any other users with access to the generated HTML from the field. This has been fixed in 1.0.466. For users of...
    CVE-2020-5246
    PUBLISHED: 2020-07-14
    Traccar GPS Tracking System before version 4.9 has a LDAP injection vulnerability. It occurs when user input is being used in LDAP search filter. By providing specially crafted input, an attacker can modify the logic of the LDAP query and get admin privileges. The issue only impacts instances with L...
    CVE-2019-12773
    PUBLISHED: 2020-07-14
    An issue was discovered in Verint Impact 360 15.1. At wfo/help/help_popup.jsp, the helpURL parameter can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjunction with social engineering to embed malicious scripts or phishing pages on a site where this product ...
    CVE-2019-12783
    PUBLISHED: 2020-07-14
    An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the rd parameter can accept a URL, to which users will be redirected after a successful login. In conjunction with CVE-2019-12784, this can be used by attackers to "crowdsource" bruteforce login attempts on the targe...
    CVE-2019-12784
    PUBLISHED: 2020-07-14
    An issue was discovered in Verint Impact 360 15.1. At wfo/control/signin, the login form can accept submissions from external websites. In conjunction with CVE-2019-12783, this can be used by attackers to "crowdsource" bruteforce login attempts on the target site, allowing them to guess an...