IT Still Playing Catch-Up on E-Mail Security
Email
Print
The IT community is falling behind in the race against spam, phishing and the like.
What is the price of e-mail security? The word "price" (or a close variation) was in the message area in e-mail messages produced by the latest major virus, which made the rounds of the Internet last week. This variant of the ever-present Bagle worm serves as another reminder of the fragile nature of an e-mail system on which many of us depend. As Microsoft releases its Windows XP Service Pack 2 security-oriented update, which includes a range of security patches and a more visible look at the security status of individual computers, its a good time to assess the state of the technology infrastructure. At a security summit eWEEK held in May, former White House counterterrorism chief Richard Clarke provided a pessimistic assessment of the current and projected status of the technology infrastructure. "Things are not getting better; they are getting worse" in the information security world, Clarke said at the summit. He listed the growing number of vulnerabilities and exploits, the increasing speed with which those exploits circle the globe, and the growing sophistication of cyber-criminals as evidence of the worsening state of computer security.
Click here to read more about spams rising tide.
While the technologies are in place to slow spam, the business processes to implement those technologies are lacking. Those processes wont be put in place until companies realize how much the spam wave is hurting their business. In addition, if you ask an IT manager about spam, he or she will tell you about the millions of messages blocked, but dealing with one wave when a bigger wave is headed your way is not the way to solve the problem.
There is no one solution to the spam problem that will block all unwanted mail and allow mail only from trusted parties, but approaches that involve private mail networks are gaining ground. I fully expect to see corporate technology departments set up virtual private e-mail networks that allow communications only among trusted suppliers, vendors and customers.
The time wasted on spam is increasing because of spam delivered on cell phones, as well as spim (spam instant messages). We are losing ground in the spam race.
Click here to find out how lawmakers and vendors are taking action to increase penalties for phishing attacks.
The combination of skillful phishers, rapid theft and identity distribution presents a powerful threat not just to the online economy but also to traditional companies expanding online operations. Combating phishing effectively will require setting up trusted private networks that allow authentication, monitoring and limited access. The wide-open Web is increasingly becoming a place where business cannot be conducted safely.
Next month, we will hold another security conference, and Clarke will again be a keynote speaker. At that event, well examine the technologies and services aimed at stopping spam, spim, phishing and identity theft.
While the odds of stopping those digital attacks and thefts are small, the ability to confine them to noncritical parts of a companys computing infrastructure is a worthy goal. The creation of broad integrated applications and operating systems in the infrastructure without adequate digital walls and restrictions helped create the current mess. We must pick up the pace of this technology race or risk losing many gains in Internet-based commerce and business.
Editor in Chief Eric Lundquist can be reached at eric_lundquist@ziffdavis.com.
To read more Eric Lundquist, subscribe to eWEEK magazine.
Check out eWEEK.coms Messaging & Collaboration Center at http://messaging.eweek.com for more on IM and other collaboration technologies.
Be sure to add our eWEEK.com messaging and collaboration news feed to your RSS newsreader or My Yahoo page
