1. /
  2. Confident Insights Newsletter/
  3. Comprehensive Messaging Security

Comprehensive Messaging Security

March 11, 2008

Summary

Messaging threats in general are on the rise, but they also fluctuate, leading many organizations to demand the ability to instantly adjust spam and virus filtering capacity without having to add or configure the physical infrastructure.

Introduction

For most organizations today, email is the single most critical channel for internal and external communication. With increases in network bandwidth, the use of email as a vehicle for rich media has exploded; beyond simple text, email is now used to send rich media including HTML, graphics, audio, and video. Having become critical for corporations in the 1990s, email is now a vital form of business record.

Of course, email is no longer the only form of electronic messaging and collaboration. In recent years, instant messaging (IM) has caught on in many organizations. Users at most organizations now use IM – even if it isn't supported by the IT department. It's even been estimated that IM may overtake email as soon as this year in terms of the number of messages sent between users.

But just as with email, the ease and power of IM have caused a number of risks and challenges to arise. IM is increasingly the target for attackers to propagate IM-borne viruses, worms, spim (spam over IM), malware, and phishing attacks. These attacks have grown exponentially over the past three years, increasing the need for real-time threat response for IM and peer-to-peer (P2P) applications. For example, according to the most recent Symantec Internet Security Threat Report, one of the top malicious code families in the first half of 2007 was the Mespam Trojan, which sends instant messages containing a malicious URL.

Over time, the overall impact of these messaging threats has begun to be understood and measured in the following ways:
  • End-user productivity decreases due to
  • Asset damage and downtime due to virus attacks and worm outbreaks
  • Regulatory pressure to monitor and control inbound and outbound email content
  • Time spent by administrators to deploy and manage a messaging security solution
At the same time, the February 2008 Symantec State of Spam Report provides insight into how messaging threats are constantly evolving. For example:
  • There was no evidence that spam levels subsided after the most recent holiday season, as would be expected. In fact, spam accounted for 78.5% of all email traffic during January 2008.
  • Europe is the new King of Spam. The percentage of spam messages originating from Europe surpassed that of North America for the third month in a row, representing a significant shift in where the bulk of the world’s spam is "supposedly" sent from.
  • Playing on people's hope for a tax refund, spammers have recently been sending an official-looking email bearing the logo of the U.S. Treasury Department, promising recipients an early tax refund.
  • Spammers are also capitalizing on rising gas prices. Symantec has observed some Russian spam that promotes a device that would allow the user to change manure into bio-fuel.
  • One of the most persistent Italian spam attacks in recent months has been a work-from-home job offer. The email seeks applications for "Administrative Agents for Online Payments" and "Remote Support Agents." In fact, this is a money-laundering scheme. Symantec's filtering technologies blocked at least 650,000 of these messages in January 2008 alone.
The ongoing issue facing messaging administrators, then, is how to preserve the value of messaging in light of these escalating security threats.

All-in-one protection

For many of today's organizations, the issue is compounded by the challenge of keeping up with growing messaging and spam volumes while keeping costs down. Increasingly, this means deploying a solution that integrates email security, IM security, and outbound content control capabilities in one gateway-based appliance. Specifically, the appliance must enable administrators to:
  • Stop spam, denial-of-service attacks, and other inbound email threats
  • Leverage global and local sender reputation analysis to reduce email infrastructure costs by restricting unwanted connections
  • Filter email content to remove unwanted content, demonstrate regulatory compliance, and protect against intellectual property and data leakage over email
  • Secure and protect public IM communications using the same management console as email
  • Obtain visibility into messaging trends and events with minimal administrative burden
Moreover, while messaging threats in general are on the rise, they also fluctuate, leading many organizations to demand the ability to instantly adjust spam and virus filtering capacity without having to add or configure the physical infrastructure. This "virtual" option would give them the choice of quickly and incrementally scaling their messaging security infrastructure while taking advantage of the resource utilization benefits of virtualization. It would also allow them to avoid provisioning to peak capacity with special-purpose hardware that can't be used for other applications when spam waves recede.

A virtual messaging defense

The Symantec Mail Security 8300 Series Virtual Edition's centralized control console allows users to instantly increase or decrease messaging scanning capacity across existing servers and appliances. Users can also automatically synchronize configurations and reporting across systems, allowing them to better and more easily measure system efficacy and meet industry compliance standards and regulatory mandates. The Symantec Mail Security 8300 Series Virtual Edition improves the efficiency of the messaging infrastructure by scanning and removing unsolicited messages from network and mailbox servers. The Symantec Mail Security 8300 engine delivers greater than 97% effectiveness, combining email and IM scanning and filtering capabilities in a single product.

Conclusion

With messaging systems becoming more and more vital to today's organizations, protection against inbound and outbound email- and instant IM–borne threats is more important than ever. By tapping advanced content filtering and structured data protection support, IT can more effectively control sensitive data, reduce the risks associated with data leakage, and meet regulatory compliance mandates and corporate governance demands.

Symantec Mail Security 8300 Series appliances deliver antispam, antivirus, and advanced content filtering technologies, in either a physical or virtual appliance form factor, to protect against malicious threats. Symantec appliances protect an organization's messaging infrastructure and help ensure business uptime and user productivity by reducing spam volume and keeping email secure.

Back to Newsletter