7. Full encryption choices
• Voltage SecureMail
• PGP Universal Server
• Sophos Email Appliance
• Proofpoint Protection Server
• Mimecast's Unified Email Messaging
8. Common product features
• Crypto key management
• Auto encrypt sensitive info as part of their
policies
• Lots more rules processing
• Outlook plug-ins
9.
10. Drawbacks
• No visibility into document chain of custody
• Encryption is still largely unused and
cumbersome
• Key management
issues
11.
12. Web-based encryption
• VoltageSecureMailCloud
• Hushmail for Business
• Proofpoint on Demand
• PGP's Web Messenger
• Mimecast's Closed Circuit Messaging
13. Data loss prevention
• Global Velocity's GV-2010 security appliance
• BlueCoat Networks DLP appliance
• Sendmail'sSentrion email server
• McAfee Host DLP
• Symantec/Vontu DLP v10
• Safend Protector
• Trend Micro DLP
20. YouSendIt Privacy Policy
Certain information may become accessible,
such as the text and subject of messages you
have sent, the name and content of the User
Files you have sent, the date and time
messages were sent, and the email addresses
of the recipients.
24. Secure document issues
• Do you need secure intra- or inter-enterprise
collaboration?
• Can you recall sent messages?
• What happens when someone leaves your
company?
• How does the service affect users’ existing
email experience?
• Can you authenticate recipients and thwart
malware such as key-loggers?
25. The moral of the story: don’t use
straight email to send your
documents. Anything is else
better.
From the Wall Street Journal, but there were lots of other reports. The Chamber had at least six weeks worth of email data containing sensitive information stolen in a breach that was widely reported
This expert from the Brookings Institute is the extreme case. When he travels in China, he disables Bluetooth and Wi-Fi, never lets his phone out of his sight and, in meetings, not only turns off his phone but also removes the battery, for fear his microphone could be turned on remotely.
These are various gateway appliances that operate inside your firewall, and automatically work in the background to encrypt and decrypt message traffic in conjunction with your mail servers. These are somewhat cumbersome but offer the following features
This is Mimecast’s Outlook plug in, and as you can see, there isn’t much to set up with it.
While encryption products are very secure, you don’t knowwhether the person opened or forwarded the document, and you can’t revoke access to the document once it has been sent and received.
This is the Voltage web client, which makes it easier to open encrypted emails, even from someone who you have never exchanged keys before
These all have a Web service that is hosted by the vendor on the public Internet and users connect via a browser to read and send messages. recipients don't have to download any special software when they get an encrypted message from you.
There are more than a dozen DLP vendors, and these products offer a wide range of protective features, and some even integrate with endpoint security products, proxy/caching servers, and network intrusion protection appliances. However, while DLP products are great at identifying security breaches after the fact but don't do much to help keep your confidential information contained within your enterprise. They are mostly used for compliance and other regulatory reasons.
This is Global Velocity’s DLP product and you can tune it to block Facebook messages for example, but allow users to add items to their Wall as an example.
There are a whole series of cloud-based document sending services such as Google Docs, Dropbox, Box.net, and others that can store documents in the cloud.
These services all share one common weakness: you can’t manage them well from an enterprise perspective. Also, browser-based FT is limited to 2 GB or less, and many of these services have other hidden limitationsEven when IT is aware of their use, the services generally lack transaction logging, which makes document control problematic and impedes litigation preparedness.
Law enforcement shut down one of these services, MegaUpload, and in the ensuing months other peer file sharing services have curtailed their activities.
http://www.yousendit.com/aboutus/legal/privacy
This is a sample screen from Docusign
Secure document delivery services often offer the best combination of features, security and integration with email networks. But they still have some security implications.