White paper

Email content security
Addressing the email risks

Email is a great business tool. It’s fast, cheap, universal and easy to deploy. However, companies that make use of email are confronted with a number of risks. Viruses and spam are the most obvious risks. Viruses can cause down time, loss of productivity and in the worst case can expose confidential data. Spam is not only offensive and annoying; it causes loss of productivity, decreases bandwidth and costs companies billions of dollars each year. Legal liability is another cause for concern. Several high-profile lawsuits with multi-million dollar penalties have highlighted the fact that companies are liable for the contents of the emails that are sent over their network. Therefore, every smart company that uses email must take measures in order to stop, or at least minimize the effect of these email risks.

Top 6 Email risks
Companies that make use of email face the following potential risks:

#1. Lost productivity & network congestion
Employees sending personal emails and sifting through spam mail can cause major loss of productivity. For example, if each employee takes 5 seconds to view a spam mail, based on an average salary of 25 dollars per hour, this will cost the employer 3 cents per spam mail. If every employee received 25 spam mails per day, spam would cost a company with 100 users no less than 20,000 dollars per year. In addition to spam and personal emails, viruses can also lead to network downtime and in turn cause lost productivity.

#2. Legal liability
In most cases the employer is held responsible for all the information transmitted on or from their systems. Consequently, inappropriate emails sent on the company network can result in multi-million dollar penalties. In the last few years there have been several high-profile lawsuits such as the case against a global oil company filed by four female employees. The employees alleged that sexually harassing emails sent through the company email system caused a threatening work environment. One of the sexually offensive messages was a ‘joke’ sheet entitled ‘25 reasons why beer is better than women’. The company settled the case for no less than 2.2 million dollars.

#3. Damage to reputation
There is no doubt that the contents of corporate emails reflect on the business. A badly written email, or an email containing unprofessional remarks, will cause the recipient to gain a bad impression of the company the sender is representing. UK law firm Norton Rose had to find this out the hard way when two of their employees originated the ‘Claire Swire’ email, a sexually explicit email that ended up being read by over 10 million people around the world. Especially since the company in question was a law firm, and the employees were attorneys, this email caused severe damage to reputation.

#4. Confidentiality breaches
Most confidentiality breaches occur from within the company. These breaches can be accidental, for instance a Siemens Nixdorf employee unintentionally distributed confidential internal emails to a trade worker’s association. In Australia, a travel company accidentally sent a customer list to a competitor when an employee selected an incorrect alias as the recipient. However, confidentiality breaches can also be intentional. Borland International Inc. filed a lawsuit against one of their former employees who had used the company’s email system to send out confidential information to competitor Symantec, his new employer. The trade secrets included product design specifications, sales data and information regarding a prospective contract for which both companies were competing. The employee and recipient were both charged with trade secret theft.

#5. Regulatory compliancy
New and existing regulations are forcing companies to keep a record of their emails and to protect their clients’ privacy. In the US, the Health Insurance Portability and Accountability Act (HIPAA) requires health care institutions to keep a record of their email communications and secure confidentiality of information. The U.S. Securities and Exchange Commission (SEC) and Gramm-Leach-Bliley Act (GLBA) impose similar duties on financial institutions. In the new IRS Circular 230, the IRS requires tax advisors to add an email disclaimer to any emails including tax advice, expressly stating that the opinion cannot be relied upon for penalty purposes. Steep penalties can apply to those organizations that do not comply with their industry’s regulations. In a case lasting from 2000 until 2005, a well-known financial institution was recently forced to pay 20 million dollars in penalties by the Securities and Exchange Commission for not diligently searching for email back-up tapes and over-writing multiple back-up tapes.

#6. Increasing bandwidth and storage needs
Not only is the use of attachments growing, their size is increasing as well. According to the Radicati Group, attachments make up more than 85% of all email data. Large attachments use up bandwidth and storage space. Although the cost of storage space has decreased over the years, the larger the message store, the more management it requires and the longer it takes to restore messages after a mail server failure.

How to protect against email risks
The first step in securing your company from email risks is to create an email policy that sets out all the do’s and don’ts regarding the company’s email system. Next, you must enforce your email policy by distributing it amongst your employees and educating users in their email use. Finally, you require content checking software that filters your internal and external email traffic in order to enforce your email policy.

Policy Patrol
Policy Patrol is a comprehensive email filtering tool that offers anti-spam, virus checking, keyword filtering, attachment blocking, disclaimers, compression and many more email management features. Policy Patrol is one of the few products that can filter internal emails (if installed on Exchange server 2000, 2003 or 2007). The product is used by internationally renowned companies such as Nissan, USA.net, Targus, Canadian Pacific Railway, Lotto, Fujitsu Services (Central Government customer), Daewoo and many more. Policy Patrol helps you protect your company against the email risks in a number of ways:

Lost productivity & network congestion
Policy Patrol minimizes lost productivity and network congestion by blocking spam, viruses, compressing attachments, delaying large attachments, filtering personal mails and producing usage reports.

Anti-spam
Policy Patrol combats spam by using multiple spam filtering methods and sorting spam messages into a known spam or suspected spam category, allowing you to only concentrate on reviewing suspected spam and avoid wasting any time on known spam messages. Users can view, delete and deliver their own spam messages via a web console and a quarantine report that is sent at regular intervals via email. It is also possible to forward messages to the junk mail folder if preferred.

Anti-virus
With the Kaspersky™ Anti-Virus add-on module, Policy Patrol scans messages & attachments for known and unknown viruses, email exploits and malicious scripts & macros. Kaspersky™ Anti-Virus includes a sophisticated Code Analyzer that detects harmful instructions in a code and can therefore block viruses and malicious scripts even if they are still unknown. Policy Patrol can attempt to clean infected messages and if the virus cannot be cleaned, the infected part of the message (attachment or HTML body) can be deleted. You can also configure rules that further process mails with viruses or suspected viruses. For instance, you can notify the sender that their message was deleted, or add the sender's email address to a 'Virus senders' filter.

Compression
Policy Patrol can help you save bandwidth and storage space by automatically compressing large attachments. By using conditions you can configure Policy Patrol to only compress attachments of a certain size, or attachments of a certain type.

Delaying emails
If messages contain large attachments, you can decide to delay them and deliver at off-peak times. This will save you valuable bandwidth and will stop your mail system from getting blocked. You can apply the delay rule to certain users or groups and/or exclude users or groups, for instance management. Furthermore, you can configure a notification message to be sent to the recipient, sender, user’s manager and/or Administrator, stating that the message has been delayed. If the message is urgent, the moderator can decide to deliver the message straight away.

Block personal emails
By checking mails for personal content (resumes, ecards, gambling, chain letters, colloquial words, video and sound attachment types) you can attempt to limit personal usage of the email system. You can block personal emails altogether or delay the messages for delivery at off-peak times.

Reporting
By viewing reports on the type and size of attachments that users send and receive, it is possible to identify heavy users of the email system. This information can also help determine whether the usage is likely to be personal or business related. Moreover Policy Patrol reports include information on the amount and type of rules that users triggered, which can also help identify bottlenecks.

Legal liability
Legal liability can be reduced by adding legal disclaimers and making sure that no offensive or inappropriate emails are either sent or received by the company.

Keyword filtering
Policy Patrol can filter messages for offensive words and phrases. If an inappropriate word is found, Policy Patrol can quarantine the message and send a notification to the sender, recipient, user’s manager, Administrator or another email address. The notification can include details of the quarantined message such as subject, sender and recipient. Upon accepting or rejecting the message, notifications can be sent to the sender, recipient, user’s manager, Administrator or another email address.

Disclaimers
Apart from searching for and quarantining emails with offensive words and phrases, Policy Patrol can reduce a company’s liability by adding disclaimers to emails. Although a company is ultimately responsible for the actions of its employees, including the content of any emails they send, a disclaimer can decrease liability; if a company can show that it has correctly instructed its employees not to send libellous, inappropriate or defamatory statements, this could help in disclaiming responsibility if an employee breaches these rules. Policy Patrol adds disclaimers at server level and provides companies with a sophisticated tool for implementing a well-planned disclaimer strategy. By offering user and group based disclaimers (optionally with user exceptions), and by differentiating between internal and external mails, Policy Patrol allows companies to add different disclaimers in different situations and therefore increase the effectiveness of the disclaimer notice.

Internal email filtering & disclaimers
Policy Patrol is one of the very few products that can filter internal mail (if installed on Exchange 2000 or 2003). This is especially important for legal liability, because if inappropriate emails are distributed internally, the company can be held liable for not providing a safe working environment. Therefore it is important to content check internal emails with Policy Patrol, as well as add disclaimers.

Damage to reputation
Policy Patrol can protect against this threat by content checking emails for offensive content and adding disclaimers to messages.

Disclaimers
Damage to reputation can be decreased by adding a disclaimer statement that states that the views expressed in the email do not necessarily represent those of the company.

Keyword filtering
By quarantining messages with offensive or inappropriate words, you can ensure that no email leaves your company with potentially embarrassing or harmful content. Policy Patrol can send a notification to the user’s manager when a new message is quarantined, so that it can be reviewed and accepted or rejected. The sender can also be notified that the message has been placed in quarantine.

Confidentiality breaches
Policy Patrol can help you prevent confidentiality breaches by adding disclaimers and checking emails for words, attachment names and types, and by detecting attachment spoofing.

Keyword & attachment checking
Policy Patrol can check emails for words, attachment names (e.g. known names of confidential documents) and attachment types (e.g. attachment types that can contain confidential information, such as word processor and database files).

Attachment spoofing
If users try to bypass filters by giving confidential files a false extension, Policy Patrol can pick up on this since it can verify many file types. This means that if a user were, for instance, to rename a .doc file to a .jpg file, Policy Patrol would know that the .jpg file is spoofed and can then quarantine the message with the attachment. Rules can be set for certain individuals or business groups and/or rules can be applied company wide, optionally with the exception of certain users or groups, for instance management.

Disclaimers
By including a disclaimer that warns that the content of the email is confidential, Policy Patrol can help protect your company against the unintentional exposure of confidential information. If the receiver breaches this confidentiality, they could be liable.

Internal mail filtering
Confidentiality breaches can occur within the company as well as outside the company. For instance, it is possible that confidential employee information is unintentionally sent to the wrong person. Policy Patrol can filter and add disclaimers to internal emails as well as external emails (if installed on Exchange Server 2003/2000). Furthermore, Policy Patrol can apply different rules, for instance add a different disclaimer, depending on whether the message is sent internally or externally.
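The attachment spoofing check described in this section can be approximated by comparing each attachment's leading bytes with the format its extension claims. This is an added example, not Policy Patrol's code; the signature table, function names, addresses and sample message are constructed for illustration.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Well-known leading-byte signatures ("magic numbers") for a few formats.
OLE2 = b"\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1"
SIGNATURES = [
    (OLE2, "ole2"),                  # legacy .doc/.xls/.ppt
    (b"PK\x03\x04", "zip"),          # .zip and .docx/.xlsx/.pptx
    (b"%PDF-", "pdf"),
    (b"\xFF\xD8\xFF", "jpeg"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"MZ", "pe"),                   # Windows executables
]

# Format family each extension is expected to belong to (illustrative subset).
EXPECTED = {
    ".doc": "ole2", ".xls": "ole2", ".ppt": "ole2",
    ".docx": "zip", ".xlsx": "zip", ".pptx": "zip", ".zip": "zip",
    ".pdf": "pdf", ".jpg": "jpeg", ".jpeg": "jpeg",
    ".png": "png", ".gif": "gif", ".exe": "pe", ".dll": "pe",
}


def sniff(data):
    """Return the format family implied by the first bytes, or None."""
    for magic, family in SIGNATURES:
        if data.startswith(magic):
            return family
    return None


def check_attachment(filename, data):
    """Compare the family the extension implies with the sniffed content."""
    ext = os.path.splitext(filename or "")[1].lower()
    expected = EXPECTED.get(ext)
    actual = sniff(data)
    if expected is None:
        return ("unverified", actual)   # extension not in the table
    if actual == expected:
        return ("ok", actual)
    return ("spoofed", actual)          # content contradicts the extension


def scan_message(raw):
    """Return (filename, verdict, sniffed family) for every attachment."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename()
        data = part.get_payload(decode=True) or b""
        findings.append((name,) + check_attachment(name, data))
    return findings


def build_sample():
    """Constructed message: a .doc renamed to .jpg, a real JPEG header, a text file."""
    msg = EmailMessage()
    msg["From"] = "alice@example.com"
    msg["To"] = "bob@example.org"
    msg["Subject"] = "holiday pictures"
    msg.set_content("See attached.")
    msg.add_attachment(OLE2 + b"\x00" * 64, maintype="image",
                       subtype="jpeg", filename="holiday.jpg")
    msg.add_attachment(b"\xFF\xD8\xFF\xE0" + b"\x00" * 32, maintype="image",
                       subtype="jpeg", filename="photo.jpg")
    msg.add_attachment(b"plain notes\n", maintype="application",
                       subtype="octet-stream", filename="notes.txt")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, verdict, actual in scan_message(build_sample()):
        print(f"{name}: {verdict} (content looks like {actual})")
```

A "spoofed" verdict is the condition a quarantine rule would act on; "unverified" means the table has no expectation for that extension, so other checks have to decide.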

Regulatory compliancy
By adding disclaimers and archiving your emails, Policy Patrol can ensure compliancy with industry rules and regulations.

Archiving
Some regulations require companies to keep a record of their emails. Policy Patrol can archive sent and received emails to a SQL Server database. If you install Policy Patrol on an Exchange Server 2000 or 2003 machine, you will also be able to archive internally sent emails. Users can retrieve and restore their own emails by making use of the Email restore client that adds into Outlook. Administrators can search and restore archived emails from the Policy Patrol console.

Disclaimers
To ensure confidentiality of information sent via email, companies are having to add disclaimers to their email messages, notifying the recipient that the information is confidential and may not be distributed to others. Policy Patrol can add user-based disclaimers to the top or bottom of emails, therefore allowing you to add customized disclaimer notices depending on the user division or job function of the sender. Furthermore, by making use of merge fields the disclaimer notice can be made more specific, for instance by actually naming the intended recipient and by adding a date to the disclaimer.

Internal archiving and disclaimers
To ensure regulatory compliancy it is important to archive and add disclaimers to all your emails, including emails that are sent internally over the company network.

Increasing bandwidth & storage needs
Policy Patrol can regulate bandwidth usage and reduce storage needs by rejecting and deleting spam messages, compressing attachments, delaying large attachments and blocking personal emails.

Anti-spam
By rejecting (i.e. not downloading) spam messages that are listed on real-time black lists or that are not addressed to local recipients (NDR spam attacks), Policy Patrol can save bandwidth as well as storage space. By downloading messages and later deleting them, no bandwidth savings are made but storage space is still reduced.

Compression
Policy Patrol can help you save bandwidth and storage space by automatically compressing attachments at server level. By using conditions you can configure Policy Patrol to only compress attachments of a certain size, or attachments of a certain type.

Delaying emails
If messages contain large attachments, you can decide to delay them and deliver at off-peak times to make the most efficient use of bandwidth resources.

Block personal emails
Bandwidth and storage space can be saved by deleting non-business related attachments (such as video and sound attachments). Personal emails containing chain letters, jokes, resumes or gambling can also be deleted or delivered at off-peak times.

How to get more out of your email
Policy Patrol not only protects against threats, it can also help you manage your email more efficiently. Here are just a few examples of what Policy Patrol can do:

Add personalized signatures at server level. By retrieving your users’ Active Directory/Exchange 5.5/Lotus Domino properties, Policy Patrol allows you to configure a global signature that is customized with the sender’s personal information.

Send automated messages when emails are sent to a certain email address or when they contain a certain subject. For instance, you could configure Policy Patrol to send a message containing a product brochure, every time someone sends a mail to sales@company.com with ‘product brochure request’ in the subject. Policy Patrol can also send auto replies, for instance to confirm that an email has been received.

Send blind copy to another mailbox when certain messages are sent or received. For instance, if mails to sales@company.com are forwarded to user1@redearthsoftware.com, Policy Patrol can automatically send a blind copy to user2@redearthsoftware.com.

Customize your NDR messages. Policy Patrol can make standard NDR messages user-friendlier.

Add a Vcard (or other attachment) to email messages that are sent to new contacts. By automatically adding the recipient to a filter list, you can ensure that each recipient will only receive the Vcard (or other attachment) once.

Decompress zip attachments to save users having to unzip attachments. By specifying a maximum extracted file size you can prevent attachments from becoming too large.

Replace From: or Reply to: email address, for instance if you wish certain mails to be sent from a generic email address, such as sales@company.com.

Add a tag or set high priority for mails from important customers or customers with a service contract (create a Domain/email address filter for these customers).

Run an application when messages contain certain characteristics. This option can be used for many things such as sending an SMS message and processing messages into a database.

Why choose Policy Patrol?
Compared to other email security products, Policy Patrol is an extremely comprehensive and flexible email filtering solution that includes many unique features. Policy Patrol distinguishes itself from other similar products on the following points:

Internal and External filtering: Policy Patrol is the only product that offers internal mail filtering for Exchange Server 2003/2000 as well as a full feature set, all included in one program. Furthermore, Policy Patrol can apply different rules depending on whether the message is sent internally or externally.

One stop solution: Many products require you to install two versions (Exchange and SMTP version) in order to gain access to all features. Policy Patrol includes all features in one product and saves you installing two products to get complete functionality.

Advanced disclaimers: Policy Patrol offers advanced disclaimer features that not many other products offer (formatting and images in disclaimer, user merge fields from Active Directory, Exchange 5.5 or Lotus Domino, disclaimer as plain text attachment, avoid multiple disclaimers when replying or forwarding, and custom disclaimer positioning).

Advanced anti-spam: Apart from all the usual features the program includes user based anti-spam, detailed message tracking and customization. It also allows users to handle their own spam and update white lists and black lists.

Unique features: Policy Patrol includes unique features not found in any other product, such as printing emails, changing message priority, adding an attachment or header, customizing DSNs and adding a vCard.

Scalable: Policy Patrol is available with different feature sets (compression, disclaimers, spam filtering, all features with/without anti-virus) and features/users can be added according to the customer's needs.

Cost effective: Policy Patrol only requires the users for whom rules are configured to be licensed.

Customizable: Extremely flexible and customizable product: For each rule, Policy Patrol allows you to select specific users or groups (and optionally select excluded users), and to specify any conditions or exceptions that should (not) trigger the rule. Furthermore, Policy Patrol includes advanced user permissions at folder and component level allowing managers to share monitoring tasks.

User friendly: Easy to configure and install. Rules wizard uses Outlook rule wizard logic, making it instantly comprehensible.

Bottom line: Comprehensive set of features at a competitive price.

What Policy Patrol customers say
‘Policy Patrol has been in use for some time now and we think it is excellent! We catch over 1200 SPAM emails a day.’
Matt Franklin - Manager of Data Center Operations, RPM International Inc. (Medina, Ohio)

‘Great product. Works better than any other SPAM filter we have tried. Clients are begging us for a SPAM solution.’
Ben Rutter - Project Coordinator, Lionfield Technology Solutions (Exton, Philadelphia)

‘After looking into several e-mail filtering solutions, I decided to go with Policy Patrol because of its flexibility, ease of use and mail filtering effectiveness. Policy Patrol took no time to implement into our existing e-mail environment without any disruption to users. The Policy rules are very easy to setup, customisable and most important of all very effective in stamping out spam & virus infected e-mail, which was our number one priority.’
Owen Treanor - European MIS Coordinator, Rainbow Technologies (Surrey, UK)

‘Great product, easy to configure, saves time & trouble. Policy Patrol has cut down on the SPAM & junk and made productivity go up. I'm able to spend time on things I want to do, instead of "Baby-sitting" the email server.’
Todd Munro - Network Administrator, LifeLink Tissue Bank (Tampa, Florida)

About Red Earth Software
Red Earth Software is a Microsoft Certified Partner that specializes in the development of content security solutions that help companies regulate and optimize the use of their email and Internet systems. Policy Patrol currently filters emails for more than 350,000 users worldwide and is used by customers in nearly every industry including educational, non-profit, financial, legal, health care, manufacturing and government. Included among Red Earth Software clients are large international organizations such as Nissan, Targus, Canadian Pacific Railway, USA.net, Lotto, Fujitsu Services (Central Government customer), Daewoo and Sony of Canada Ltd.

More information
To download the white paper Email disclaimers – The legal and practical issues, please go to: http://www.policypatrol.com/requestwpemaildisclaimersfrm.htm. For Red Earth Software’s white paper Circular 230 – Achieving disclaimer compliance, please go to http://www.policypatrol.com/circular230.htm. For more information about Policy Patrol or to download a 30-day evaluation version, please visit http://www.policypatrol.com.

Contacting Red Earth Software
Red Earth Software, Inc.
595 Millich Drive, Ste 210
Campbell, CA 95008
United States
Toll-free: 1-800-921-8215
Phone: (408) 370 9527
Fax: (408) 608 1958
Sales: sales@redearthsoftware.com
Support: support@redearthsoftware.com

Red Earth Software Ltd
Sonic House, Suite 301
43 Artemidos Avenue
6025 Larnaca
Cyprus
Tel: +357-24 828515
Fax: +357-24-828516
Sales: sales@redearthsoftware.com
Support: support@redearthsoftware.com

Red Earth Software (UK) Ltd
20 Market Place
Kingston-upon-Thames
Surrey KT1 1JP
United Kingdom
Tel: +44-(0)20-8328 9830
Fax: +44-(0)20-8711 5771
Sales: sales@redearthsoftware.co.uk
Support: support@redearthsoftware.co.uk

Policy Patrol® is a registered trademark of Red Earth Software®. Copyright © 2001-2009 by Red Earth Software.
