Organization-Wide Protection A total compliance solution must provide defense for multiple levels of an organization’s communication network, from individual messages to users who send and receive them, to very systems that transfer and store critical information.

Messages Automated and policy-driven encryption protects customer data and ensures integrity of financial data when in transit. A complete encryption solution must be able to dynamically select most appropriate encryption solution based on recipient’s capabilities, including secure delivery to end users with unknown encryption capabilities, as is often case when using email to communicate with clients in healthcare and financial services.

Users End users who send non-compliant information via e-mail through unprotected gateways face very real threat of job termination, lawsuits and even prosecution, should their messages end up in wrong hands. Regardless of whether user’s intention is malicious or a simple mistake, an effective compliance solution will ensure that no damage is done.

Systems Complete compliance requires an e-mail specific firewall and intrusion prevention system. Gateway appliances designed to contribute to regulatory compliance must be able to detect and block hacker attacks directed at appliance itself, as well as at mail servers and other systems sitting “behind” it. Without this level of protection, vouching for integrity of information sent via e-mail is impossible.

Monitoring and Reporting Compliance is not just about detecting and controlling certain types of content. It also requires reporting and communication of compliance status. Compliance officers and administrators must be able to easily access data in order to:

• Analyze and improve organization’s compliance efforts
• Automatically deliver decision-making information to compliance officers in a timely manner
• Easily generate executive-level reports instantly

Take Next Step toward Complete Compliance The last thing your enterprise needs is regulatory trouble, and surest way to find it is by violating federal legislation. To that end, IronMail’s Compliance Control features best-of-breed policy enforcement capabilities, giving compliance officers and executives peace of mind that comes with staying on right side of law. To learn more about how IronMail can help your organization comply with stringent rules surrounding information privacy, download CipherTrust’s free whitepaper, “Compliance Control: Contributing to Corporate Regulatory Compliance.”

Viruses Viruses have proven to be another highly effective method of extracting information from corporations. Virus writers can write simple programs that, once executed on your network, mine for all sorts of data and send information back to virus writer, or to any other recipient.

Severance Package, Indeed While your employees are your greatest asset, they have potential to be your greatest liability as well. A disturbing, but not entirely surprising, fact is that most intellectual property (IP) theft is perpetrated by current and former employees. According to U.S. Department of Justice, enterprises suffered $250 Billion in IP Theft in 2004.

A 2004 survey questioned 400 business professionals about their attitudes to IP theft. The research, conducted by Ibas, a computer forensics specialist, revealed some trends that should sound some alarm bells within organizations unsure of their IP security:

• 69.6% of business professionals have stolen some form of corporate IP from their employer when leaving a job.
• 32.6% of employees leaving a job took sales proposals and/or presentations with them.
• 30.4% admitted to taking information such as customer databases and contact information.
• The most commonly used method for stealing IP is to send electronic copies of documents and files to a personal email account.
• 58.7% think that taking IP is as, if not more, acceptable as exaggerating an insurance claim to cover excess charge.
• Only 28.2% think that IP theft is completely unacceptable.
• The most common justification for IP theft was that person had created documents/files stolen and felt they partly belonged to them.

For more information about how CipherTrust’s IronMail can help your enterprise keep a lid on your intellectual property, download our FREE whitepaper, “Securing Email Boundary: An Overview of IronMail.”