Security Basics mailing list archives
Re: Email Policy Enforcement
From: lists () rogueshoten com
Date: 5 Apr 2007 17:44:36 -0000
This can be a little tricky. In a sense, it's like spam detection, turned around, only a lot harder. When you think about it, most spam falls into one of a relatively small number of activities, like 419 scams or phishing attacks, while every organization's sensitive data differs. So blocking is usually a bad idea. The best bet is to leverage a technology like Vericept or Reconnex that seeks to detect information leakage. Also, think about other avenues of leakage as well, like instant messaging. My advice would be to make sure you have a full game plan for data leakage across the board (rather than just through any single vector like email) before you proceed with something like this.
Current thread:
- Email Policy Enforcement Julio Camargo (Apr 04)
- <Possible follow-ups>
- re: Email Policy Enforcement wmosquera (Apr 05)
- Re: Email Policy Enforcement lists (Apr 09)