Your Reputation Precedes You

Written by CipherTrust

A Look atrepparttar Past, Present and Future of Email Reputation Systems

“Reputation, reputation, reputation! Oh, I have lost my reputation! I have lostrepparttar 109482 immortal part of myself, and what remains is bestial.”

--Spoken by Cassio, in Shakespeare’s Othello (circa 1602)

Though written over four centuries ago,repparttar 109483 sentiment behind these words still holds true – you’re nothing without your reputation. Every day, different reputation systems dictate who you are to those who don’t know you. To lenders, you’re a credit score. To insurance companies, you’re a calculated risk. And now, thanks torepparttar 109484 next generation of reputation systems, you’re an IP score.

For obvious reasons, spammers, phishers and virus writers would prefer to hide their identities. They use countless techniques to disguise themselves withrepparttar 109485 intent of sneaking into your enterprise inboxes, robbing you blind or hijacking your network – or both.

Onrepparttar 109486 other hand, those who would fight these senders are well served to know whorepparttar 109487 senders are and what they’ve been up to. To that end, email reputation systems are used to figure out what sort of behavior senders have demonstrated inrepparttar 109488 past and make educated predictions of their future behavior, for better or for worse.

Content Inspection Is Not Enough

Unfortunately, many enterprises rely on an email security solution based solely on message content; understandingrepparttar 109489 source of a particular message never entersrepparttar 109490 equation. While this approach is moderately effective when dealing with messages that contain specific spam identifiers, it is completely ineffective at stopping spam that employs techniques not yet seen.

Email Security with Reputation

A comprehensive approach to email security involves examining both message content and sender history. By evaluating senders based on their past behavior, a more accurate picture of their intentions and legitimacy can be discerned. Hasrepparttar 109491 sender engaged in spamming, virus distribution or phishing attacks? If they have, an effective reputation system knows and flagsrepparttar 109492 message. Hasrepparttar 109493 sender even been seen before? If not, a reputation system should pay close attention to ensure thatrepparttar 109494 sender is not a “zombie” machine being controlled remotely by a hacker.

First-Generation Reputation Systems

Inrepparttar 109495 “early days” of spam (circa 2001), simple blacklists and whitelists seemed like an appropriate response torepparttar 109496 nuisance messages that had begun to show up in inboxes aroundrepparttar 109497 world. Blacklists containrepparttar 109498 IP addresses of known spammers, phishers and virus senders; whitelists containrepparttar 109499 IP addresses of senders known to be legitimate. Referencing these lists allowed companies to filter a segment of their total mail flow, briefly curbingrepparttar 109500 onslaught of spam messages. However, their shortcomings were exposed relatively quickly.

The very nature of whitelists and blacklists makes them manual by default. In order for a list to be updated, all messages (both wanted and unwanted) must first be received by an end user and then manually reported to a system administrator. With this sort of end-user reliance, it’s easy to see whyrepparttar 109501 glory days of list-only reputation systems were short-lived.

Further compounding matters, lists rely on anecdotal evidence, openingrepparttar 109502 door to “vigilantes” who add senders to blacklists without first verifying that they’re actually malicious; and spammers, who add themselves to whitelists which take a “pay-to-play” approach, allowing any “bonded” sender to buy their way ontorepparttar 109503 list.

Maximizing E-mail Security ROI - Part V – A New Twist to an Old Problem: Email Encryption

Written by CipherTrust

This isrepparttar last of a five-part series on Maximizing Email Security ROI.

Throughoutrepparttar 109481 ages, people have encrypted communications to suit their information security needs.

Inrepparttar 109482 1st century B.C., Julius Caesar didn’t trustrepparttar 109483 couriers who carried his messages to trusted acquaintances. So, he replaced every A with a D, every B with an E, and so on, allrepparttar 109484 way throughrepparttar 109485 alphabet. Only those who knew Caesar’s shift-by-three rule could decipher his messages. Over 2000 years later, we’re still trying to protect our messages from prying eyes (If you have not read CipherTrust's white paper on Privacy Architecture, you can download it free here).

Inrepparttar 109486 Information Age, email isrepparttar 109487 primary method of communication for businesses aroundrepparttar 109488 world. While email has become a mission-critical application, it also raises important privacy and security concerns. Sensitive personal and business communications are vulnerable torepparttar 109489 prying eyes of hackers, industrial spies and others who would love to have access to information not intended for them. Because of these risks, businesses are realizingrepparttar 109490 value of encrypting their email communications to protect vital information while in transit from origin to destination.

Asset/IP protection

Enterprises that fail to adequately protect information in transit acrossrepparttar 109491 Internet risk revealing their most vital secrets. Each unencrypted email exposes sensitive data – from confidential financial and product information to legal contracts to files that include personally identifying information such as Social Security numbers, birthdates, credit card numbers and bank account numbers.

Failure to encrypt email communication is akin to sending a digital postcard into cyberspace. Sure, there’s a chance that it will reach its destination without crossing a snooping pair of eyes, but there’s also a chance that it won’t. You wouldn’t send a postcard with your vital trade secrets, financial data and customer information on it, so why would you send an unencrypted email containingrepparttar 109492 same?

Compliance and Liability

Cont'd on page 2 ==> © 2005
Terms of Use