Securing Email: Comprehensive Messaging Security - PowerPoint PPT Presentation

1 / 24
About This Presentation
Title:

Securing Email: Comprehensive Messaging Security

Description:

Securing Email: Comprehensive Messaging Security. Kip Trout, Proofpoint. Regional Sales Manager ... Kip Trout. Proofpoint Sales. 314-481-1516 office. 314-560 ... – PowerPoint PPT presentation

Number of Views:230
Avg rating:3.0/5.0
Slides: 25
Provided by: gillianmo
Category:

less

Transcript and Presenter's Notes

Title: Securing Email: Comprehensive Messaging Security


1
Securing Email Comprehensive Messaging Security
  • Kip Trout, Proofpoint
  • Regional Sales Manager

2
Agenda
  • What is Messaging Security?
  • Major Spam Trends
  • Outbound Content Security Compliance
  • The Proofpoint Solution

3
What is Messaging Security?
Security threats have always been a problem to
enterprises
Enterprise
SMTP, HTTP, IM and FTP services
4
3 Major Trends
  • Rise in spam volumes
  • Rise of botnets
  • Rise of image- based spam
  • End users believe effectiveness has declined
  • Shorter, more intense, spam attacks
  • Spam circumvents filters, drops true
    effectiveness

Spam continues to be a problem facing
organizations
5
Spam Volume Continues to Increase
  • Continued increase
  • Average spam volume
  • gt 3-4x in 12 months
  • Why?
  • Business is expanding
  • Spam is increasing
  • What can you do?
  • Best spam protection
  • Capacity planning

6
Why Effectiveness Matters
  • 2004 Now
  • Volume (msg/day) 500 Thousand 2 Million 2
    Million
  • Effectiveness 94 95 99
  • Spam getting through 30,000 100,000 20,000
  • Users 20,000 25,000 25,000
  • Spam/User 1.5 spams 4 spams 0.8 spams

Better effectiveness less spam in users Inbox
fewer Help Desk calls
7
Spam Accuracy, 2006 99 Effectiveness
100 99 98 97 96
8
Spam Attacks in the Old Days
9
Spam Attacks Today Botnets
(Sends Instructions)
(Listen for Instructions)
(Receive Instructions)
(Launch Image Spam Attack)
10
Embedded Images, Often Randomized
  • Possible variants are endless signatures are
    useless!
  • Proofpoint MLX includes
  • Image Fuzzy Matching
  • Web URL Reputation

11
Image Fuzzy Matching A
  • Feature Description
  • GIF80 and JPG80 algorithms
  • Effective against 3 image obfuscation techniques
  • Randomizations in unused Color Map entries
    (invisible)
  • Randomizations in bottom of image (appear as
    black lines)
  • Randomization in GIF Terminator (invisible)
  • Proofpoint algorithms correctly identify these
    randomizations

GIF Signature
Screen Descriptor
Global Color Map
Image Descriptor
Local Color Map
Raster (Image) Data
GIF Terminator
12
Image Fuzzy Matching B
  • Feature Description
  • Detects altered but similar images, even if
    alteration inside image
  • Effective against 2 obfuscation techniques
  • Images with randomized (pixilated) borders
  • Images with randomized pixels throughout image
  • Proofpoint algorithms correctly identify these
    obfuscations

13
OCR Resistant Animated GIF
Viewable image contains pump and dump spam...
but in slow motion
14
OCR Resistant Animated GIF
Note that this is a transparent GIF, but only the
parts required to complete the image are
transparent!
  • Frame 1 contains broken text
  • Frame 2 (transparent GIF) appears after 10ms
    completing the image
  • Both images contain broken text OCR Resistant!

15
What Is the Double Tax on Spam Effectiveness?
  • Tax 1 Increased volume perceived drop
  • Perceived drop in effectiveness
  • Volumes of spam result in higher spams in inbox
  • End Users phone helpdesk
  • Tax 2 Sophistication true drop
  • True effectiveness decline
  • Filters unable to handle image based spam
  • Exchange, Notes, Groupwise servers are also taxed
  • End Users phone helpdesk

16
Why Are Some Solutions Failing?
  • Static technologies
  • Relying on exact matches of spam senders and
    content
  • New spam is dynamic in nature IPs, images,
    content
  • Permutations are endless!
  • Reputation
  • Examples Competitors global reputation based
    solutions
  • How Match sending IP addresses and rules
  • Problem Image-based spam comes from botnets,
    with rotating IPs.
  • Signature
  • Examples Large providers of signature based
    solutions
  • How Match copy of email (or partial copy)
    against database
  • Problem Image-based spams random images text
    endless permutations

Proofpoints MLX technology is dynamic and
well-suited to the dynamic nature of spam
17
2007 Proofpoint-Forrester Survey
  • Nearly 33 of companies employ staff to read
    outbound email.
  • More than 25 of companies terminated employees
    for violating email policies.
  • 56 say it is important or very important to
    reduce the risks of outbound email.
  • Companies estimate nearly 1 in 5 emails contains
    content that poses a legal, financial or
    regulatory risk.

Read the Proofpoint-Forrester Research report
www.proofpoint.com/outbound
18
Recent Incidents
  • Dec 2006 Texas Woman's University emails names,
    addresses and SSNs of 15,000 TWU students over a
    non-secure connection
  • Nov 2006 University of Virginia Student
    Financial Services sent e-mail messages to
    students containing 632 other students' Social
    Security numbers
  • Oct 2006 Bowling Green Police Dept. website has
    personal information on nearly 200 people the
    police had contact with names, Social Security,
    driver's license numbers
  • Oct 2006 Republican National Committee
    inadvertently emailed a list of donors' names,
    SSNs and races to a New York Sun reporter
  • Mar 2006 Google mistakenly posts internal ad
    projections
  • Mar 2006 Blue Cross Blue Shield says contractor
    took 27,000 social security numbers
  • Feb 2006 Slip-up spills beans on Dell notebooks

See a chronological list of security breaches at
www.privacyrights.org
Source ZDNet, Bradenton, Boston.com
19
Why is this Happening?
P(Data Loss) no. of channels
x data availability
  • Email is everywhere
  • 70 of corporate data lives in email
  • File Servers
  • Desktops
  • Laptops
  • USB Thumb Drives
  • Email
  • biggest thru 2010
  • Weblogs
  • HTTP (WebMail)
  • FTP
  • Instant Messaging
  • New Channels

Source Gartner G00138425, 3/15/06
20
What to Do
  • Define Policies
  • Document
  • Communicate
  • Train
  • Map Technology Solution to Requirements
  • Corporate governance content
  • Structured
  • Unstructured
  • Auto-Encrypted
  • Inbound as well as Outbound
  • Its not just Email anymore
  • Webmail, Blogs, IM, FTP sites, too

21
Proofpoint Solution
Proofpoint Attack Response Center
Network Content Sentry
Secure Messaging
Virus Protection
Zero-Hour Anti-Virus
Spam Detection
Dynamic Reputation
Regulatory Compliance
Digital Asset Security
Web-based Management Interface Policy Engine
Smart Search
Hosted Service
Virtual Appliance
Appliance
Software
22
Over 1200 Delighted Customers
  • Please contact Proofpoint directly for customer
    references, case studies, and names of industry
    leaders using Proofpoint.
  • Kip Trout
  • Proofpoint Sales
  • 314-481-1516 office
  • 314-560-3226 cell
  • ktrout_at_proofpoint.com

23
Learn More
  • Free Forrester Research Proofpoint Report
    Outbound Email and Content Security in Todays
    Enterprise
  • www.proofpoint.com/outbound
  • Free white paper on how MLX technology fights
    image-based spam
  • http//www.proofpoint.com/mlxwp

24
Download a Trial Version
www.proofpoint.com/trial
Kip Trout ktrout_at_proofpoint.com 314.481.1516
Write a Comment
User Comments (0)
About PowerShow.com