Archive for ‘Secure Email Gateway’

Best Practices for Defining a Classification Scheme

Wednesday, November 2nd, 2011

In my previous blog post, 5 Easy Steps for Implementing a Classification Policy, I discussed the importance of starting with a simple set of classification labels. In this post, I will expand on the topic of classification schemes, especially as they apply to commercial organizations.

At TITUS, we recommend that organizations try to keep the number of classification options down to four or fewer. We find that the simpler your classification scheme, the easier it will be for users to decide which category to use. Later, as your users become used to classifying content, you can add additional categories.

Many organizations use three categories:

1) A category such as “Public” to indicate non-sensitive information
2) An “Internal” category for information that should stay within the organization
3) A category such as “Confidential” or “Restricted” for information that is particularly sensitive

Surprisingly, the “Public” category is often what causes the most debate in commercial organizations. (more…)



Leveraging enterprise directories for real-time validation of email recipients

Wednesday, January 26th, 2011

We’ve all heard about the recent examples of emails being sent to the wrong recipients. Everything from the UBS GM IPO example, to things we’ve experiences ourselves. Whoops….. I wish I could get that email back. While the email sender typically has an idea of the sensitivity of their message, they often have less immediate visibility into the “clearance levels” and “need-to-know” of their intended recipients.

This blog looks at two areas of email “Recipient Validation”. These features can be very valuable in helping companies avoid inadvertent data leakage.




The importance of timely email content validation feedback

Friday, January 14th, 2011

Although it may seem like an easy task to select classifications on outgoing messages, email can be one of the most difficult types of corporate information content to classify and control in a practical way. Every organization has different internal information flows, and the timeliness of email messages in some workflows can be critical.

So, while automated Email filtering – or content validation – is becoming a staple of corporate networks, the basic architecture of the solution can have a significant impact on the efficiency of workflows and staff productivity. This article will highlight one of the challenges with applying content validation on email messages within an organization, and explain how Titus Message Classification can help ensure timely processing and feedback to users so they can get their jobs done more efficiently. (more…)



Enhancing Inbound and Outbound Email Security – Integrating Titus Message Classification and Proofpoint

Friday, November 12th, 2010

Love it or hate it, email continues to be one of the primary methods for sharing information between employees, clients, partners and other organizations.

On average, corporate users will send 34 emails per day and receive almost 100. If you’re like me, you use email as your primary way to send all of your daily communications. My emails and likely yours, include all types of information, from very sensitive contractual and product information, to resumes and other personal and private information.

Although email is one of the best ways to communicate information, organizations must also ensure that information assets are managed and protected appropriately and that sensitive information is not used or distributed in inappropriate ways. Once it’s left your corporate network, messages can easily be forwarded to other individuals who may not be aware of the security of the information. This poses both security risks and liabilities to the organization if the information isn’t handled appropriately.

Thankfully there are ways to better protect incoming or outgoing information. One great solution is using the Proofpoint Email Security solution together with Titus Message and Document Classification applications.

Here’s how it works.

Proofpoint Email Security solutions scan email and attachments for spam and viruses. They can also scan incoming and outgoing email for key words. As the administrator, you can specify the words, phrases or information that you’d like to use in the scan. If the appliance finds a key word within a message or attached document, you can then also specify how the email should be treated. As an example, messages classified “Confidential” by Titus Message Classification, could be picked up at the Proofpoint email gateway and prevented from passing through the gateway.

There are endless ways of treating the information at the Proofpoint gateway. Options include: encrypting the message; quarantining it for review; or refusal to pass it through. With the persistence of the classification information applied by the Titus Message Classification solution, sensitive and confidential emails can be picked up at the email gateway and treated appropriately even after it’s left your network.

For incoming emails, key phrases can be used to determine the sensitivity of the information passing through the gateway. Based on the key words or phrases found at the Proofpoint gateway, the message can be given a Titus Message Classification which will be present when it’s received by the intended recipient. The message will then retain the classification as it’s replied to or forwarded to others.

If you’re interested we have provided more detail in a whitepaper on how to integrate Titus products and Proofpoint. As always, your feedback is welcome in the comments.



Controlling Email Flow with Classification and the Cisco IronPort Email Security Appliance

Tuesday, September 28th, 2010

Radicati estimates there are 730 million corporate email accounts today. They also estimate that on average those users are sending or receiving 110 emails per day.

I won’t make you do the math – if their numbers are right that’s 80 billion emails. Per day. With that many messages flowing in and out of organizations every day, what could go wrong?