Security Web Digest: Merrill Lynch to Ban Internal Accesss to Outside E-Mail Services

AOL, Yahoo and MSN no longer accessible from company network. Practice is growing in financial world.

Symantec releases new security appliances

SSCP and CISSP certification reviews available in new online courses.

FBI p

Enterprise

Fulfilling a promise it made earlier in the year, Symantec Corp. will release next month a new line of gateway security appliances, the Symantec Gateway Security Appliance 5400 Series. The release is scheduled for Sept. 9 and will add to Symantecs family of Gateway Security Appliances, which combine firewall, intrusion detection, content filtering, and antivirus technologies on a single hardware device, according to information released by the company last week. Like earlier editions of the Gateway Security Appliance, 5400 series appliances will offer high availability features such as load balancing and clustering as well as event reporting capabilities, Symantec said.

IT security pros can beef up their skills in new online security standards certification programs this fall. The courses will be offered by the International Information Security Certification Consortium (ISC2) and Web-based e-learning company VCampus, the companies said Monday. The Web-based curriculum will offer Systems Security Certified Practitioner (SSCP) and Certified Information Systems Security Professional (CISSP) review seminars preparatory to certification testing, which will continue to take place off-line in ISC2 facilities. "ISC2 certification rests on a common body of [IT security] knowledge," said Marc Thompson, vice president of the consortiums training institute. Through surveys of its membership and the IT security industry at large, the ISC2 constantly monitors and fine-tunes its body of knowledge, he said.

Privacy

The Federal Bureau of Investigation reportedly has met with senior officials from the Federal Communications Commissions twice in the last four weeks to push for expanded wiretapping laws that would cover VoIP technology and ISP services. The FBIs authority in this area comes primarily from the 1994 Communications Assistance for Law Enforcement Act (CALEA), which required digital phone applications -- then leading edge technology -- to be architected so law enforcement could better monitor activity on those networks. At the time, though, Congress specifically exempted Internet Service Providers and other information technologies, such as Voice over Internet Protocol.

Intellectual Property

Digital song-tracking company Audible Magic Corp. is striking a deal with Universal Music Group for song information, getting another leg up in its quest to be able to identify -- and potentially block -- music as it is transferred online. The new arrangement, expected to be announced Tuesday, will see Universal give Audible Magic a "fingerprint," or digital identification tool, for each song it releases, before albums are shipped to retailers. The company uses those fingerprints to identify copyrighted songs online or in other venues such as CD-manufacturing plants to help guard against unauthorized copying. Audible Magic already has information from Universal and other labels in its databases, but getting the songs directly from the label before release will help make the identification business more efficient, Audible Magic CEO Vance Ikezoye said.

Internet 

Merrill Lynch on Friday will ban access to outside e-mail services from popular sites such as America Online, Yahoo and MSN, in response to regulatory requirements and to protect its network from viruses, according to a company memo. The policy shift will affect the 48,000 Merrill Lynch employees worldwide who use the companys Internet network. A Merrill Lynch representative said the policy is an extension of existing bans in departments such as the trading desk. Other investment banks, such as Goldman Sachs, have similar companywide policies. The policy will also affect access to outside message boards, chat rooms and forums, and any access to accounts from Internet service providers. The memo also included Juno, EarthLink and Comcast in its list of banned ISPs.