Continued from page 1
Computer Virus Risks
Recent attacks from various types of computer viruses and worms have had profound effects on computer systems around world. Enterprises have been brought to their knees and forced to spend billions of dollars cleaning up mess and rebuilding their infrastructures. While increased IT costs are clear, there are other risks corporations face with regard to e-mail borne viruses.
E-mail has evolved to be primary communication tool for most organizations and loss of e-mail due to attack can severely affect enterprise operations. Beyond immediate expenses involved in restoring network, an attack on your enterprise e-mail system can also result in lost hours and days for employees who have come to rely on it to accomplish their daily tasks.
The costs of cleaning up after an attack are significant. IT teams are forced to spend considerable time and money repairing virus damage. The damage, however, is rarely contained to network servers. Once inside network, viruses can quickly infect large numbers of relatively exposed client machines - all of which must be individually cleaned, patched and repaired.
In past, when a new vulnerability was discovered, network administrators scrambled to apply security patches from makers of their anti-virus software and manually reviewed quarantine lists for virus-infected messages. Software manufacturers release patches so frequently that network administrators cannot reasonably be expected to keep up with them all. As stated by Gartner Research, “Enterprises will never be able to patch quickly enough. After all, attackers have nothing else to do.” The staggering damage caused by recent computer viruses and malware attacks is clear evidence that manual intervention to institute emergency measures or review quarantined messages is rarely effective against rapidly propagating threats.
Compliance and Liability
Recent Federal regulations such as Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA) and Sarbanes-Oxley Act (SoX), require enterprises to protect data residing in mail servers and other internal systems. Security breaches violate these regulations, exposing sensitive data and opening door to serious sanctions and costly litigation.
Falling victim to a virus attack can also result in lost trust from business partners and customers. According to Gartner, “Enterprises that spread viruses, worms, spam and denial-of-service attacks will find not only that malicious software can hinder their profitability, but also that other businesses will disconnect from them if they are considered to be risky.” While an attack may not be your fault, it is most certainly your problem.
Although signature-based anti-virus systems are inadequate to preventing virus attacks in first few hours or days of an outbreak, it is possible to identify outbreaks before they infiltrate your organization’s network and become a problem. In fact, doing so successfully requires tight integration of several different technologies designed to analyze mail based on many different characteristics. One of most innovative and important technologies for meeting these threats is known as Anomaly Detection.
Large-scale virus outbreaks create anomalies in mail flow which are identifiable by message content, source, volume, attachment or any of a number of other indicators. When a particular message appears to be a part of a sudden surge of anomalous messages moving across internet, message can be quarantined until virus definitions can be developed to address new threat.
CipherTrust’s IronMail utilizes a unique Anomaly Detection Engine (ADE), which dynamically identifies and responds to abnormal behavior in mail flow. By monitoring “normal” e-mail traffic rates across Internet, ADE allows IronMail to identify spikes in traffic that are often first signal of a malicious attack. Once these spikes are recognized, IronMail units take appropriate action to prevent infiltration of network.
CipherTrust is the leader in anti-spam and email security. Learn more by downloading our free whitepaper, “Next Generation Virus Protection: An Overview of IronMail Zero Day Virus Protection” or by visiting www.ciphertrust.com.