1 / 27

IDC eGovernment

IDC eGovernment. The Future of Email Security. John Ryan Operations Director Entropy. Fixing Email. Email - Where Are We Now? The Current State of Messaging (Security) Top Enterprise Email Threats & The Cost to Corporations Where Is The Industry Going? Reactive Point Solutions

brad
Download Presentation

IDC eGovernment

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy

  2. Fixing Email • Email - Where Are We Now? • The Current State of Messaging (Security) • Top Enterprise Email Threats & The Cost to Corporations • Where Is The Industry Going? • Reactive Point Solutions • Proposed Email Identity Standards • New Technologies to Address these Issues? • Identity, Reputation, Policy Control • Unique solutions available now

  3. images blank

  4. Source: Information Security Breaches survey 2004 – DTI UK

  5. Source: Information Security Breaches survey 2004 – DTI UK

  6. The Mission-Critical App Is Collapsing • Email Is The Form Of Business Communication • 80% Of Businesses Consider Email More Important Than Phones • Email Is No Longer Reliable • Spam, False-Positives, Viruses, Forgery And Other Threats Make Email Unreliable • Users Are Rapidly Losing Trust In Email 52% Say They Trust Email Less 25% Have Reduced Email Use —Pew Internet Life Project —

  7. Challenges of E Mail Today! • E mail has become a mission critical communications vehicle • E mail has become a major delivery mechanism for marketing messages…SPAM! • Most of these marketing messages are unsolicited and unwanted • Spam is perceived as the most significant problem of enterprise. Source: Osterman Research

  8. Some Email Statistics • United States • China • South Korea • Poland • France • Great Britain • Germany • Brazil • Spain • Japan • 18B message per day (73% of which is SPAM) • Message volume has increased by 2B in January • 9.4B messages coming for “Zombie” hosts • 290,000 infected hosts tracked last week alone • 15,000+ compromised zombie networks • 75% of all Viruses are deployed via an email • Phishing scam’s accounted for 1% of SPAM • Top countries sending SPAM …….. Source: Senderbase network – go to www.ironport.com/toc

  9. Email Stats January 2006

  10. Spam Will cost corporate users over £10B in the US alone.1 Overall cost of spam between £10B and £87B, or £50 to £1400 per worker per year.2 Set to get worse Corporate spam traffic will rise from 44 billion messages per day in 2006, to 83 billion messages per day in 2009.3 Corporations Pay the Consequences • Viruses • Sobig virus cost more than £1B.4 • Disaster recovery costs increased by 23% in 2003 to almost £100,000 per organization per virus outbreak.5 • Confidential information • Difficult to estimate • Devastating impacts 1. Ferris Research 2. Pew Internet and American Life Project 3. Radicati Group 4. Computer Economics 5. ICSA Labs’ Prevalence Survey

  11. It Takes Two: Senders and Receivers • We Are All Email Senders And Email Receivers • Solving Receiver Problems Means Addressing Sender Issues And Vice Versa • The Solution To Fixing Email Is NOT One-sided • A Healthy Email System Requires Feedback Loops • Integrating complaint and other corrective data back into the system is a fundamental requirement

  12. Email Gateway Infrastructure Issues On top of all the Security vulnerabilities, the infrastructure itself is at breaking point….. • Bespoke deployments • Complexity • Performance issues & bottlenecks • Reliability of the solutions • Huge Admin Overhead • Limited visibility or control • Managing the escalating costs $$$

  13. Fixing Email • Email - Where Are We Now? • The Current State of Messaging (Security) • Top Enterprise Email Threats & The Cost to Corporations • Where Is The Industry Going? • Reactive Point Solutions • Proposed Email Identity Standards • New Technologies to Address these issues? • Identity, Reputation, Policy Control • Unique solutions available now

  14. The Industry “Reacts” • Solutions are reactive NOT proactive • Point solution approach • Content-based filtering band-aids • Cat and mouse game – its never going to end! • New filter, new threat, new filter, new threat, new filter, new threat, new filter There is some good news! >>>>

  15. Industry Adopts Identity • Sender-ID/SPF • Technical Solution For Sender Address Forgery • Yahoo! Domain Keys • Authenticating Entire Email Message Based On Sender Domain There are limitations to this “partial” solution.

  16. Fixing Email • Email - Where Are We Now? • The Current State of Messaging (Security) • Top Enterprise Email Threats & The Cost to Corporations • Where Is The Industry Going? • Reactive Point Solutions • Proposed Email Identity Standards • New technologies to Address these Issues? • Identity, Reputation, Policy Control • Unique solutions available now

  17. Critical Components of a Complete Solution • The vulnerability exposed by spam, viruses, phishing is inherent to the email protocol, SMTP • Reputation services are a critical component of the solution: 1 Advanced authentication standards IDENTITY 2 A holistic view of a sender’s trustworthiness REPUTATION 3 Intelligently apply filtering techniques based on the apparent threat POLICY

  18. Black and White Lists

  19. SpamCop, SpamHaus (SBL), NJABL Spamtraps Blacklists Extensive network of “invalid" accounts 3rd party email accreditation SpamCop, ISP abuse data, BondedSender abuse data Global Complaint Data Open Proxy Data SORBS, OPM, DSBL… Fortune 1000 status, length of sending history, location, whether domain accepts email, etc. Global Volume Data Other Data 30,000 organizations (25% of all email) Authenticated Unknown Sender Reputation Established SenderBase: Leading Reputation Service • 75,000 contributing organizations • 4 billion queries daily • >25% of world’s Internet email -10 +10

  20. Traffic Shaping:Mail Flow Control NOT Filtering

  21. Email Security Appliances:Enforcing Policy • IronPort Appliances Use Identity And Reputation To Apply Policy • Trusted Known Senders Bypass Spam Filters • Suspicious Unknown Senders Are Throttled And Filtered • Hostile Senders Are Deleted Or Tagged • Known good is delivered • Suspicious is throttled & spam filtered Anti-Spam Email Appliance • Known bad is deleted/tagged

  22. Scale is required

  23. Virus Date Virus Threat Level Raised First Anti-virus Signature Available Outbreak Filter Lead Time Mydoom.bb 15 Feb 05 18:08 22:54 Next Day 28:46 hours Goldun.H 15 Feb 05 23:04 16:17 17:13 hours Sober.J 30 Jan 05 23:01 09:21 10:20 hours Cidra-D 3 Dec 04 3:11PM 7:58 PM 4:47 hours Outbreak Filter Advantage

  24. Prevention: Temporary Quarantine MyDoom.bb 6503 files Quarantined 100% capture Outbreak Rules TemporaryQuarantine Virus Filter • Pulls outbreak rules for all incoming email attachments • Triggers automated quarantine for suspicious attachments • Releases messages for rescanning through standard filters Closes the Reaction Gap

  25. VoF Advantages

  26. Consolidation of the Email Perimeter BEFORE AFTER Email Appliance

  27. Summary • Security spend has to increase to meet the ever increasing business demands • Email is now THE critical communications system • Our email systems are under attach and straining to deliver • We need to re-think our approach to email delivery and invest in new technology

More Related