Satisfied with your e-mail security?
It's a strange feeling, sitting at your PC, wondering if the next e-mail you open has the capability of wiping out your address book, erasing the data on all your network drives and then mailing itself to all your contacts. What with the I Love You virus, "Resume for Mrs whoever," and "pay all your debts off in one go" offers, it's amazing that any work gets done at all. Recent research indicates that the average American office worker receives about 195 e-mails a day--it kind of makes you wonder how e-mail can be called a productivity tool.
While the e-mail virus panics have caught the news headlines recently, viruses represent only one of the potential losses to productivity that e-mail brings. It's not just a question of lost time and productivity--there are legal implications, too. When e-mail leaves your company, legally you are responsible for its contents and that of any attachments. If an employee in your organization e-mails a virus to someone in another organization, and they are subsequently infected, who is to be held responsible? In today's increasingly litigious world, how long will it be before companies and organizations start suing each other over a virus outbreak caught from an infected e-mail?
Fortunately, help is at hand. Many companies are now realizing the benefits of e-mail content-vetting software--software packages that perform numerous checks on incoming and outgoing e-mails. The implementation of one of these packages will not only prevent viruses and a multitude of other e-mail related problems, it will also bring an increased level of control to your entire Internet e-mail strategy.
Before we look at some of the products available, let's see just what the issues are for e-mail systems:
- Virus checking--Of all the potential threats presented by e-mail communication, viruses are biggest and most harmful. Attachments that are sent and received should be completely and thoroughly checked for viruses. Rather than build a complete virus-checking system of their own, some companies that produce content-vetting software provide hook-ins to other manufacturers' antivirus programs, making it easy to keep up to date with the latest threats. When a virus is discovered, different products deal with it in different ways. Some simply block the message; others have the capability, depending on the configuration, to cleanse the file and forward it on. Others place it into a quarantined area, so that the administrator can decide whether the message and attached file should be cleaned manually and then allowed through. Checking the traffic travelling in and out of your organization prevents e-mail-borne viruses from being propagated by you.
- Attachment blocking--You may be able to do without certain types of attachments. The recent e-mail virus scares have centered around Visual Basic Script files that have a .VBS extension, although you should also be wary of some other formats. Attachment blocking is not only useful from a virus angle; you can also block any other desired file formats, such as MP3 or JPEG.
- Address blocking--Sick of getting offers such as "Free vacation" or "Pay off all your debts"? Address blocking allows you to create filters that prevent unwanted e-mail from being delivered to your system. Filters often have the ability to use wildcards to create a comprehensive blocking strategy. In addition, some products make use of centralised lists of spammers that can be downloaded and used by the content-vetting software.
- Size blocking--Though the speed of Internet connections continues to increase, bandwidth is still a relatively expensive commodity. Restricting the size of the attachments that can be sent and received protects your valuable bandwidth, potentially saving costs in the meantime.
- Content blocking--Some material that is e-mailed is simply inappropriate for a business environment. It's important that content-vetting software be able to block e-mails based on the words that appear within the mail. Filters can be configured that will prevent mails of an abusive, racist, sexual, or discriminatory nature. Another potential feature of content blocking is the prevention of company information from being e-mailed to other parties. You could, for example, block mails that contain a character string that relates to a current project or product. This capability is known as lexical scanning.
- Mail relaying--One strategy that spammers frequently employ is using other people's e-mail systems as relays for their spam mailouts. When they do this, your e-mail server name appears as the sending server. Stopping spammers from doing this will prevent you from being added to a list of spam servers yourself.
- Disclaimer information--When an e-mail leaves your company, adding a disclaimer is an advised procedure. Not only does this disclaimer offer you a degree of legal protection, but it can also add a message telling the recipient of the fact that the e-mail has been scanned for viruses.
- Message archiving and recording--In some situations, saving every e-mail sent or received may seem a little excessive, but doing so can become an important tool when proving a case of e-mail misuse. If you are considering implementing a comprehensive recording program, pay special attention to the volume of e-mail that is sent. You would be surprised at just how many megabytes a day are generated.
A variety of products are available to help you perform e-mail content security. Though they all provide the major features mentioned in the previous section, many have subtle differences in how they perform their tasks, and others are designed to work only on certain platforms. Understandably, many of the products are aimed at the e-mail systems with the highest levels of market penetration, meaning that if you have a system other than Microsoft Exchange or Lotus Notes, your choices may be somewhat limited.
The following list is by no means complete, but the products featured here are among the best available:
- Mail essentials from GFI Ltd.--A feature-rich product that includes additional features such as PGP encryption capabilities, attachment compression, and a comprehensive auto-reply system. It is available for Microsoft Exchange and Lotus Notes. Pricing is on a per-mailbox basis and starts at $275 for a 10-user version. For more details, visit the GFI website at http://www.gfi.com/mesindex.htm.
- Content Technologies Inc.'s MIMESweeper--Possibly the most comprehensive and thorough of all e-mail content and checking products. MimeSweeper from Content Technologies, of Bellevue, Wash., is a corporate favorite, though its base user licence package of 50 users may discourage some smaller businesses. It is available for Microsoft Exchange, Lotus Domino, and Firewall-1, and a standalone SMTP version allows the functionality of the product to be applied to a wide variety of other e-mail systems. Virus checking is accommodated through 27 third-party vendors including Norton AntiVirus, Sophos Sweep, and Dr Solomons. For more information, visit http://www.contenttechnologies.com.
- Marshal Software's MailMarshal--Just one in a range of content and security products from New Zealand-based Marshal Software. The newest MailMarshal release, Version 3, includes in-depth reporting facilities and excellent spamming protection. MailMarshal runs on an NT Workstation or Server. For more information, visit the Marshal Software website at http://www.mailmarshal.com.
Though all these products have a complete range of features, in many cases, you are able to choose which features you want to use. Whether you choose to use or implement all of them will depend on the level of control you want to exercise over your e-mail system. There can be little dispute that the more features you use, the more productive e-mail use will become.
A little education goes a long way
- Even without a software package such as those described in the previous section, you can take certain steps to prevent e-mail-based threats from causing disruption in your organization. Here are some simple steps you can take to offer at least some protection:
- Tell staff not to open attachments that they do not recognize, or those from unknown sources.
- iscourage the use of company e-mail for any use except business. Liken e-mail use to that of company telephones. Employees are free to use the e-mail system for occasional personal communication, but that use should not be too frequent or reach the point that it has an impact on their work.
- If one of your users is unfortunate enough to get a virus, make sure he knows what to do about it. Have a written procedure so that in the event of an infection, the user has clear steps to follow.
- Last but not least, if you are using antivirus software on your company PCs, make sure it's updated on a regular basis. Also make sure that this update is not an optional for your users.
Ultimately, the time and money invested in protecting yourself from Internet e-mail-based threats will be well spent. If you sit down and calculate the loss of revenue from even one incident, then an e-mail content-vetting package looks like a bargain indeed. //Drew Bird (MCT, MCNI) is a freelance instructor and technical writer. He has been working in the IT industry for 12 years and currently lives in Kelowna, Canada. You can e-mail Drew at firstname.lastname@example.org.