A fundamental issue with spam is defining what exactly constitutes spam. One person may consider any bulk e-mail spam, while another highly values opt-in bulk e-mails they receive. Different organizations may have policies with very different definitions of what is allowed. A good anti-spam solution must allow administrators to enforce these different rules and even allow them to apply different rules to different users, preferably by integrating with policy tools and user databases such as LDAP directories. It should be able to support differing thresholds for different spam results and adjustable confidence values in spam detection techniques. It should allow administrators to customize responses for inbound or outbound traffic. Rules should allow re-labeling, blocking and quarantining of messages, as well as a test mode where rules are tried without impacting mail flow. Ideally, your solution will include an integrated policy manager, which enforces corporate policy across entire e-mail system, and allows different rule sets for different users and groups.

Criteria 3 – Expertise – Know Thy Enemy

Spammers are constantly improving their methods, particularly as corporations have finally begun to fight back. Vendors must be able to develop and deploy policies, signatures, keywords and values to corporations using their solution. They should be developed based on data from a distributed network of customers and other Internet detection points by a team of spam blocking experts. Only by constant improvement can any solution continue to be responsive to spammers even in face of new threats.

Starting April 21, 2005, a new security rule focusing solely on PHI that is stored and transmitted electronically will be enforced as part of HIPAA. The requirements of this rule, which are simply information security best practices, focus on three cornerstones of a solid information security infrastructure – confidentiality, integrity, and availability of information.

The imminent HIPAA regulatory requirements encompass PHI transmission, storage and discoverability. Given widespread use and importance of e-mail, enforcement of HIPAA encryption policies and growing demand for secure e-mail solutions, e-mail security has never been more important to healthcare industry than it is right now.

IronMail significantly contributes to compliance with HIPAA privacy and security requirements as they relate to protecting PHI that is transmitted and stored via e-mail. Everything from data encryption to firewall and intrusion protection to content filtering is included in IronMail solution. Once in place, IronMail can be used to protect e-mail going into and out of corporate networks.

As IronMail is a standards-based appliance, it can be integrated into any existing e-mail system seamlessly, without requiring extensive IT staff training, or relying on users to take extra steps to perform e-mail functions.

The IronMail appliance is tailored to help organizations comply with stringent new guidelines imposed by HIPAA, from security management processes to access control to data integrity.

HIPAA compliance is seen by many organizations as a prohibitively expensive hurdle to overcome. In addition, growing dependence on e-mail as a mission-critical application requires security and privacy to be a top priority. A solid combination of security policies and technologies to enforce those policies can ensure improved security as well as HIPAA readiness and ongoing adherence. With IronMail, organizations reduce information complexities as well as associated management costs which can help improve patient relationships, increase quality of care, and improve bottom line. E-mail can indeed be safe and secure.