IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.
-
Upload
zoe-butler -
Category
Documents
-
view
214 -
download
0
Transcript of IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.
![Page 1: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/1.jpg)
IDC eGovernment
The Future of Email Security
John RyanOperations DirectorEntropy
![Page 2: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/2.jpg)
Fixing Email
Email - Where Are We Now? The Current State of Messaging (Security) Top Enterprise Email Threats & The Cost to Corporations
Where Is The Industry Going? Reactive Point Solutions Proposed Email Identity Standards
New Technologies to Address these Issues? Identity, Reputation, Policy Control Unique solutions available now
![Page 3: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/3.jpg)
images blank
![Page 4: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/4.jpg)
% of IT Spend on Security
18%
34%
35%
20%
30%22%
4%
3%
2%
2%
11%
19%
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
2004 2002
Din't know
More than 25%
Between 11% and 25%
Between 2 & 10%
1% or Less
None
Source: Information Security Breaches survey 2004 – DTI UK
![Page 5: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/5.jpg)
IT Business Environment Changes
93%
89%
52%
34%
52%
77%
69%
28%
2%
47%
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
Web Access
Remote Access
Wireless
Transactional WWW
2004
2003
Source: Information Security Breaches survey 2004 – DTI UK
![Page 6: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/6.jpg)
The Mission-Critical App Is Collapsing
Email Is The Form Of Business Communication 80% Of Businesses Consider Email More Important Than Phones
Email Is No Longer Reliable Spam, False-Positives, Viruses, Forgery And Other Threats Make Email
Unreliable
Users Are Rapidly Losing Trust In Email
52% Say They Trust Email Less
25% Have Reduced Email Use
—Pew Internet Life Project —
![Page 7: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/7.jpg)
Challenges of E Mail Today!
E mail has become a mission critical communications vehicleE mail has become a major delivery mechanism for marketing messages…SPAM!Most of these marketing messages are unsolicited and unwantedSpam is perceived as the most significant problem of enterprise.
Source: Osterman Research
![Page 8: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/8.jpg)
Some Email Statistics
•18B message per day (73% of which is SPAM)
•Message volume has increased by 2B in January
•9.4B messages coming for “Zombie” hosts
•290,000 infected hosts tracked last week alone
•15,000+ compromised zombie networks
•75% of all Viruses are deployed via an email
•Phishing scam’s accounted for 1% of SPAM
Source: Senderbase network – go to www.ironport.com/toc
•Top countries sending SPAM ……..
1. United States
2. China
3. South Korea
4. Poland
5. France
6. Great Britain
7. Germany
8. Brazil
9. Spain
10. Japan
![Page 9: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/9.jpg)
Email Stats January 2006
![Page 10: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/10.jpg)
Corporations Pay the Consequences
Spam Will cost corporate users over
£10B in the US alone.1 Overall cost of spam between
£10B and £87B, or £50 to £1400 per worker per year.2
Set to get worse Corporate spam traffic will
rise from 44 billion messages per day in 2006, to 83 billion messages per day in 2009.3
Viruses Sobig virus cost more than
£1B.4
Disaster recovery costs increased by 23% in 2003 to almost £100,000 per organization per virus outbreak.5
Confidential information Difficult to estimate Devastating impacts
1. Ferris Research2. Pew Internet and American Life Project
3. Radicati Group4. Computer Economics5. ICSA Labs’ Prevalence Survey
![Page 11: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/11.jpg)
It Takes Two: Senders and Receivers
We Are All Email Senders And Email Receivers
Solving Receiver Problems Means Addressing Sender Issues And Vice Versa
The Solution To Fixing Email Is NOT One-sided
A Healthy Email System Requires Feedback Loops Integrating complaint and other corrective data back into the system is a fundamental
requirement
![Page 12: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/12.jpg)
Email Gateway Infrastructure Issues
On top of all the Security vulnerabilities, the infrastructure itself is at breaking point…..
Bespoke deployments Complexity Performance issues & bottlenecks Reliability of the solutions Huge Admin Overhead Limited visibility or control Managing the escalating costs $$$
![Page 13: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/13.jpg)
Fixing Email
Email - Where Are We Now? The Current State of Messaging (Security) Top Enterprise Email Threats & The Cost to Corporations
Where Is The Industry Going? Reactive Point Solutions Proposed Email Identity Standards
New Technologies to Address these issues? Identity, Reputation, Policy Control Unique solutions available now
![Page 14: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/14.jpg)
The Industry “Reacts”
Solutions are reactive NOT proactive Point solution approach Content-based filtering band-aids Cat and mouse game – its never going
to end! New filter, new threat, new filter, new threat, new filter,
new threat, new filter
There is some good news! >>>>
![Page 15: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/15.jpg)
Industry Adopts Identity
Sender-ID/SPF Technical Solution For Sender Address Forgery
Yahoo! Domain Keys Authenticating Entire Email Message Based On Sender
Domain
There are limitations to this “partial”
solution.
![Page 16: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/16.jpg)
Fixing Email
Email - Where Are We Now? The Current State of Messaging (Security) Top Enterprise Email Threats & The Cost to Corporations
Where Is The Industry Going? Reactive Point Solutions Proposed Email Identity Standards
New technologies to Address these Issues? Identity, Reputation, Policy Control Unique solutions available now
![Page 17: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/17.jpg)
Critical Components of a Complete Solution
The vulnerability exposed by spam, viruses, phishing is inherent to the email protocol, SMTP
Reputation services are a critical component of the solution:
123
Advanced authentication standardsIDENTITY
POLICY
REPUTATION A holistic view of a sender’s trustworthiness
Intelligently apply filtering techniques based on the apparent threat
![Page 18: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/18.jpg)
Black and White Lists
![Page 19: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/19.jpg)
SenderBase: Leading Reputation Service
• 75,000 contributing organizations• 4 billion queries daily• >25% of world’s Internet email
30,000
organizations
(25% of all email)
OtherData
OpenProxy Data
Blacklists
GlobalComplaint
Data
Global Volume
Data
SpamCop, ISP abuse data,
BondedSender abuse data
SpamCop,
SpamHaus (SBL), NJABL
SORBS, OPM,
DSBL…
Fortune 1000 status, length of sending history, location, whether domain accepts email, etc.
Authenticated Unknown Sender
Extensive network of
“invalid" accounts
3rd party email accreditation
Reputation Established
Spamtraps
-10 +10
![Page 20: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/20.jpg)
Traffic Shaping:Mail Flow Control NOT Filtering
![Page 21: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/21.jpg)
Email Security Appliances:Enforcing Policy
• Known good is delivered
• Suspicious is throttled & spam filtered
• Known bad is deleted/tagged
IronPort Appliances Use Identity And Reputation To Apply Policy
Trusted Known Senders Bypass Spam Filters Suspicious Unknown Senders Are Throttled And Filtered Hostile Senders Are Deleted Or Tagged
Email Appliance
Anti-Spam
![Page 22: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/22.jpg)
Scale is required
![Page 23: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/23.jpg)
Outbreak Filter Advantage
Virus
Mydoom.bb
Goldun.H
Sober.J
Cidra-D
![Page 24: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/24.jpg)
Prevention: Temporary Quarantine
Pulls outbreak rules for all incoming email attachments Triggers automated quarantine for suspicious attachments Releases messages for rescanning through standard filters
OutbreakRules
TemporaryQuarantine
Virus Filter
Closes the Reaction Gap
MyDoom.bb
6503 files Quarantined
100% capture
![Page 25: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/25.jpg)
VoF Advantages
Nyxem-D / Grew A Yabe.E Troj_Yabe.F Danmec.E Bagle.EV
VoF 16/01/2006 14:36 01/12/2005 07:06 12/12/2005 00:26 04/12/2005 09:15 13/02/2006 16:10AV Vendor 18/01/2006 10:32 01/12/2005 15:42 12/12/2005 05:42 04/12/2005 14:36 13/02/2006 19:56
VoF Lead Time 43:56 08:35 05:24 05:21 03:46
Virus Description Dangerous mass mailer that deletes important files of infected PCs on third day of every month.
Trojan that spoofs itself as a non-malicious PDF attachment.
Spammed trojan that attempts to convert computers into Bots.
Trojan that performs monitoring theft to seal important user information.
Worm that propagates via SMTP and P to P.
Source http://secunia.com/virus_information/26334/
http://secunia.com/virus_information/24374/trojyabe.e/
http://secunia.com/virus_information/24904/trojyabe.f/
http://secunia.com/virus_information/24497/trojdanmec.e/
http://secunia.com/virus_information/26993/
All times in GMT. Trend Signature times per Secunia (www.secunia.com). Note, Secunia reports times in GMT +1.
Outbreak Filters Lead Times Relative to Leading AV VendorSelected Viruses: Dec '05 - Feb '06
08:3505:24 05:21 03:46
43:56
Nyxem-D / Grew A Yabe.E Troj_Yabe.F Danmec.E Bagle.EV
Outbreak
Iro
nP
ort
Le
ad
Tim
e Average Lead Time: 13:24
![Page 26: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/26.jpg)
Consolidation of the Email Perimeter
BEFORE AFTER
Email Appliance
![Page 27: IDC eGovernment The Future of Email Security John Ryan Operations Director Entropy.](https://reader035.fdocuments.us/reader035/viewer/2022062618/55141c7b5503466d1a8b4648/html5/thumbnails/27.jpg)
Summary
Security spend has to increase to meet the ever increasing business demands
Email is now THE critical communications system
Our email systems are under attach and straining to deliver
We need to re-think our approach to email delivery and invest in new technology