Ferris Research Free News
Sunday, August 10, 2008
  Aug 8, Daily Compliance & Messaging News
Ferris Research Home

Sign up for the Ferris News Service here

News on messaging, content control, compliance, e-discovery, data leak prevention
Daily Digest: August 8, 2008
Content Control, Compliance, Archiving, E-Discovery, & Data Leak Prevention

Analysis of McAfee Purchase of Reconnex -- Your Input Invited

Survey of Archiving Products -- Let us know what you think about the archiving products you use. If you add your own data, we will send you a summary of the findings. The survey just started--great if you can help get this off the ground by contributing your own policies

Survey of Retention Policies -- See the retention policies for various organizations here. If you add your own data, we will send you a summary of the findings

Fidelis Security Systems Honored with the Frost & Sullivan 2008 Growth Excellence of the Year Award in Infrastructure Protection
Fidelis XPS Continues Trend of Accolades that Demonstrates Dominance of Next-Generation Data Leakage Prevention Solution

Mimecast becomes the first SaaS provider to offer Data Leak Prevention  

Messaging & Collaboration

IceWarp Server Version 9.3 Provides Enhanced Security, Simplified Management and a User Friendly iPhone Interface
Already esteemed by system administrators as a secure and reliable Messaging platform, IceWarp Server also proves to be the engine of choice for end users

Unison Released for Ubuntu to Bring Unified Communications to Linux
Partnership with Canonical will challenge Microsoft unified communications with more powerful and cost-effective Linux alternative

Blog Item(s)

Prosecutors Build Case on Email

In another high profile case, federal prosecutors are using email in their case against senior managers of Bear Stearns. Two things are interesting here.

First is that the email in question is from a personal email account. Work email is understood to be the company's property, but now it seems personal email is also subject to discovery. If you recall, this was also the case in the recent White House scandal where personal email accounts were used to communicate sensitive information.

The second interesting fact revealed in this case is that just because the accused wrote something in an email, it does not necessarily imply guilt. This article states that, "there is no guarantee that cases that rely on email exchanges and unclear states of mind result in jail time. In one prominent case involving email exchanges, for example, charges were ultimately dropped against Frank Quattrone, the high-level Credit Suisse banker accused of interfering with a government investigation."

The lesson learned is be careful what you put in an email because it may come back to haunt you. ... Bob Spurzem


Data Leak Protection: Focus on Inadvertent Leaks

Protecting your company against intentional leaks is virtually impossible.

If a rogue employee wants to steal sensitive data from your organization, here are just some of the ways it can be done. The employee could:

  • Take a digital photo of the document on screen and walk out with the camera.
  • Call their home voicemail and read the document to their voicemail, then transcribe it.
  • Print a sensitive document and walk out with it.
  • Put PSTs containing hundreds of thousands of sensitive emails on a USB drive and leave with those.
  • Upload the files to a VMware image and take the image home.
  • Find a Facebook application that permits file exchange and use that to send the file out of your organization.

And so on.

While technologies now exist to try and cover a wide variety of endpoints--email, instant messaging, Web proxy, USB drives on local PCs, and so on--the most effective policy for most organizations is to focus on inadvertent and unintentional leaks, instead of trying to be all things to all people. In other words, give up on the notion that you can stop leaks by protecting all endpoints. By the time you've addressed all the possibilities you can think of, 10 new ones will have arisen.

After all, most breaches of PCI compliance, for example, have happened by mistake, where spreadsheets or other files containing credit card numbers have been inadvertently emailed outside the sender's organization.

Instead of a breadth approach, start with the leakiest of applications, namely email and instant messaging, and work out from there. Numerous technologies exist--Orchestria, MessageGate, Vontu, Proofpoint, Akonix, FaceTime and others--that provide automated policy enforcement of real-time data.

Starting with an achievable goal will help you address the majority of the threats while keeping your DLP goals grounded in reality. ... David Sengupta



Upcoming Reports & Events
Emerging Technology: Compliance, Content Control, and Data Leak Prevention
Wednesday, Sept. 24, 2008
8:30 a.m. Pacific, 11:30 a.m. Eastern, 4:30 p.m. U.K., 5:30 p.m. CET. One hour.

In this event, David Ferris introduces three new or newish vendors that he finds interesting or innovative in the overlapping fields of compliance, content control, and data leak prevention. Each vendor's CEO briefly describes the company's business; then he or she and David discuss the business and its industry context. A Q&A period follows.

To register for the webcast, click here. For more information, click here.

Recent Research

Recent Reports Available:

For more reports, visit our reports page.

Recent Ferris Webcasts:

About Ferris Research

Ferris Research studies messaging, and the control of electronic information. More specifically, we help IT staff evaluate and implement products and services that:

  • Provide messaging and collaborative technologies
  • Archive electronic information
  • Ensure compliance with corporate policy, industry regulations, and laws
  • Facilitate e-discovery, and contain its costs
  • Reduce the dangers of information leaks

Email is the most important type of electronic information that requires control today. Other important types include instant messages, Sharepoint teamspaces, images, voice, video, and miscellaneous desktop files.

We've been in business since 1990--longer than any other analyst firm in our field:

  • Clients include 300 of the world's 1,000 largest organizations, and computer vendors from the largest corporations to small startups
  • While other analysts have come and gone, we've published more than 200 formal reports and 1,100 short bulletins
  • Our news service covers more than 2,000 highly specialized announcements annually
  • We have nine experts in our research team, sharing many decades of experience in our core competencies

In short, our technology and industry depth helps you understand today's products, where they've come from and where they're going.

Have news you want to share with us or product or interest area that you would like us to cover? Send press releases to releases@ferris.com.

Copyright © Ferris Research 2008.


Links to this post:

Create a Link

<< Home
Lets anyone with a professional interest in messaging and collaboration keep up with the news and key trends ... To sign up, go to www.ferris.com ... If you want a version that includes analysis of the news and puts everything in a single email, subscribe to our Analyzer Information Service ... Got some news you want to share with us? Send press releases and conference announcements relevant to messaging to releases@ferris.com ... Copyright © Ferris Research 2005-2006.

September 2005 / October 2005 / November 2005 / December 2005 / January 2006 / February 2006 / March 2006 / April 2006 / May 2006 / June 2006 / July 2006 / August 2006 / September 2006 / October 2006 / November 2006 / December 2006 / January 2007 / February 2007 / March 2007 / April 2007 / May 2007 / June 2007 / July 2007 / August 2007 / September 2007 / October 2007 / November 2007 / December 2007 / January 2008 / February 2008 / March 2008 / April 2008 / May 2008 / June 2008 / July 2008 / August 2008 / September 2008 / October 2008 / November 2008 / December 2008 / January 2009 / February 2009 / March 2009 / April 2009 / May 2009 / June 2009 / July 2009 / August 2009 / September 2009 / October 2009 / November 2009 / December 2009 / January 2010 / February 2010 / March 2010 / April 2010 / March 2011 / March 2012 /

Powered by Blogger