10 steps to a holistic secure messaging strategy: Check IT List
Crystal Ferraro
10.28.2003
Rating: --- (out of 5)
This tip originally appeared on SearchSecurity.com, a sister site of SearchSMB.com.
Insecure messaging comes with a host of dangers including data loss, theft and leakage, compromised systems, downtime and loss of productivity. Unfortunately, secure messaging is no longer as straightforward as keeping the latest virus from entering an organization via e-mail. At Information Security magazine's Security Decisions conference Jim Reavis, president of Reavis Consulting Group, outlined 10 steps for a holistic secure messaging strategy. Here are the highlights.
- Implement enforceable policies that users understand. Policies should clearly communicate acceptable and appropriate usages with clear definitions and examples. Users should know what is good behavior and what is bad behavior, Reavis said.
- Build your messaging architecture to allow for granular rules control. "We need agility in our networks and messaging systems," Reavis said. By compartmentalizing you can improve incident response and provide limited service during an incident.
- Develop a formalized computer emergency response team (CERT) and incident response plan specific to messaging incidents. A specialized messaging response team should focus on containment, disinfection, remediation and rebuilding systems.
- Create an awareness program to strengthen your last line of defense -- your users. Include courseware such as PowerPoints or Flash to reinforce policy and educate about threats and safe practices. Tell users what to do in case of an incident and where to go for help. Make it easy for users to report incidents via the company intranet. If the reporting procedure is difficult or makes users feel dumb, they won't report.
- Maintain a baseline and continuous measurement system of your network. "If you don't understand how your network operates, you don't understand your business," Reavis said. This includes network traffic analysis, e-mail and IM logging and trend analysis.
- Increase your organization's use of encryption. While encryption is virtually unbreakable, most organizations only encrypt 1% of all messages, Reavis said.
- Proxy all connections, including peer-to-peer applications such as instant messaging. You can also do e-mail encryption by proxy, Reavis said. An encryption proxy sits on the network between the e-mail server and the Internet. The proxy manages keys, encrypts messages and gives the recipient the option of a secured SMTP message or Webmail.
- Deploy multiple layers of virus/spam protection. There are five possible antivirus scanning points: e-mail client, e-mail server, antivirus gateway, network layer antivirus appliance and a managed security service provider. Reavis recommended using three of these five points and using two different vendors.
- Deploy best-of-breed solutions. "This is where the industry is right now. Integrated suites are very immature and don't provide adequate security," Reavis said.
- Finally, take an integrated team approach to securing your organization's messaging systems.
Do you have comments on this tip? Let us know.
|
|
Rate this Tip
|
To rate tips, you must be a member of SearchCIO-Midmarket.com.
Register now
to start rating these tips. Log in if you are already a member.
|
DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.
|
|
|
|
|
|
|
