Multi-Tiered Approach to Email Security

Securing the email environment is an important aspect of a business' IT operations. In fact, a 2005 survey conducted by IDC found that 90% of small and medium-sized businesses rely on email. Email plays a critical role in these business environments – if email goes down, their business stops. Without a multi-tiered approach to email security, problems such as spam, viruses, or inappropriate usage can cause real trouble. Unfortunately, many small and medium sized businesses don't have the luxury of a large IT department or IT group, leaving limited resources and time to deal with IT security issues. According to Symantec's most recent Internet Security Threat Report, 50% of monitored email between July and December 2005 consisted of spam. The report also found that the small business sector was the third most targeted segment during that same time period. This is likely due to the fact that small businesses often lack an adequately secure IT infrastructure and therefore are more vulnerable to attacks. By taking a holistic approach to email security and implementing procedures and measures on all levels of your infrastructure, you can help protect your business from a variety of email threats.

Infrastructure-level security
Starting from the business-wide level down to individual machines, multi-tiered email security will give your business the protection it needs. Here are the different levels of your IT infrastructure that should be equipped with security:

Gateway tier: A gateway serves as an entry and exit point to the network. It is a good idea to install protection at this level, where mass-mailer worms can be scanned and deleted, spam can be moved to quarantines, and unwanted content can be moved from active storage to less expensive storage. Additionally, outbound messages can be scanned at the gateway – helping prevent viruses and inappropriate content from being sent out from your company's email addresses. Filtering at the gateway level also helps reduce the unwanted traffic and burden on your mail servers.

Mail server tier: A mail server is a computer that receives, sends, and stores email, and is where the core mail security solutions should be. Mail server operating systems like Microsoft Exchange and Lotus Domino manage email flow. It is important that you have integrated mail protection that work with these programs to ensure maximum protection against virus threats, spam, and security risks. You can also enlist help to manage your mail externally by employing hosted mail security solutions that protect your email without requiring onsite hardware, software or ongoing maintenance.

Desktop tier: This is where individual users interact with the external environment through email. Every client machine should be equipped with a combination of antivirus, antispam and desktop firewall solutions to protect against email threats. Another reason to have protection at the desktop tier is to deal with Instant Messenger threats.
According to research firm IDC, nearly 40% of small to medium-sized businesses utilize IM in their environment. Unlike email, IM bypasses the mail server and allows employees to communicate outside of company firewalls through the Internet. This scenario opens up a host of new risks. However, a solution such as Symantec IM Manager 8.0 will manage, secure, log, and archive IM traffic and help reduce the risk that IM introduces.

Backup: Like IM security, the need to back up email is often overlooked. To ensure that your email and mailboxes are preserved, and in order for operations to continue in spite of a service interruption, a backup solution is needed. A good backup solution will offer you a variety of choices when it comes to email: incremental, differential, single instance storage, or off-host backups, for example.

Recommendations: You can take a holistic, multi-tiered approach to email security by adding protection at the gateway, mail server, and desktop levels. Several key recommendations include:

Antivirus and antispam software: Help your business reduce spam and increase productivity of IT resources by installing antivirus and antispam protection at all levels. As spammers get more sophisticated, you need more advanced spam filters that will filter out spam and allow legitimate email to reach you and your employees. Spam protection software scans incoming email messages sent to your mail server and compares common characteristics of spam to each incoming message to determine whether that message should be flagged as spam and filtered to a separate folder.

Content Filtering: Install software that filters content to help prevent spam and other unsolicited mail from entering your business network. Content filtering is a technology that also allows you to monitor outbound email content to prevent confidential or proprietary information from leaving your business. In addition, content filtering can be used to screen and quarantine inappropriate content based on words and phrases that match a predetermined list of unacceptable data. This could be applied to both incoming and outgoing email to comply with your business' policy of acceptable use of email. Content filtering is a powerful tool that can help you manage email more effectively and keep spam out as well as keep inappropriate or confidential information from being sent out via email.

Firewalls: Gain additional security by installing firewalls at the network and desktop tiers. Firewalls are often a combination of hardware and software that selectively allow access to your business' resources to authorized employees. You can configure firewalls to allow remote workers access to your business resources as well. You and your employees can then communicate via email more securely since unauthorized parties are restricted from accessing communications that are conducted behind your firewalls.

Conclusion: Email plays an important part in business operations. Small and medium businesses are often vulnerable to email and messaging threats because of limited resources. However, a holistic approach to email security that includes precautionary measures at different tiers of the email architecture can proactively protect your business from confidential or inappropriate information getting out, and spam and email threats including viruses from getting in. Content filtering, anti-spam and antivirus solutions incorporate patented filtering capabilities to block unwanted content from entering your network—and prevent valuable assets from leaving your organization. Backing up your email will insure that it is always available. Together, these solutions help minimize the drain on network resources and employee productivity should there be a saving you time and money down the road.

from Symantec