[ISN] "Hidden Security Risk" Best Foiled With Enforceable Messaging Policy

From: mea culpa (jerichoat_private)
Date: Fri Sep 25 1998 - 01:50:21 PDT

  • Next message: mea culpa: "[ISN] Things Better Left Undone (read: scathing hacker article)"

    Forwarded From: phreak moi <hackereliteat_private>
    CIOs Say Messaging Security is Major Concern According to Tally
    Systems/CIO Magazine Survey
    04:35 p.m Sep 23, 1998 Eastern
    LEBANON, N.H.--(BUSINESS WIRE)--Sept. 23, 1998--
    "Hidden Security Risk" Best Foiled With Enforceable Messaging
    System security and reliability topped a list of concerns that CIOs have
    about their electronic messaging systems, and those systems have become a
    key component of achieving their organization's corporate objectives,
    according to a Tally Systems Corp./CIO Magazine survey released today. In
    a poll of 344 CIOs conducted in April of this year, 71 percent of the
    respondents listed security of their organization's messaging systems as
    an issue that has been a concern over the last six months, while 61
    percent also listed system reliability as a concern. 
    "These survey results reveal that CIOs are very worried about a little
    known secret of electronic messaging systems: They are a critical part of
    the business process, yet employees are breaching security by transmitting
    inappropriate messages over company e-mail and fax systems," said Joanne
    Egner, Veranda Product Manager at Tally Systems. "Although many of the
    fears being publicized are of hackers breaking through firewalls or web
    site operators invading personal privacy, the real security concern is the
    employee who is sending messages and faxing documents that divulge trade
    secrets, contain inappropriate content, or include offensive language.
    It's a problem many managers are reluctant to talk about." 
    Even if they aren't talking about it, a majority of the CIOs polled are
    doing something about messaging security. More than 60 percent of the
    respondents to the Tally Systems/CIO study said they were monitoring
    corporate e-mail, Internet, and fax usage. Over 43 percent cited
    security/auditing as their primary reason for doing so. 
    "Used in this context, security has little to do with technology. It's a
    matter of policy and management," said Egner.  "Although software tools
    are essential for monitoring usage, making effective use of e-mail, the
    Internet, and fax systems depends on establishing and enforcing policies
    that spell out intended use of those resources." 
    With 66% of the survey respondents rating E-mail as "extremely important"
    to their organization's overall corporate objectives, and another 27%
    rating E-mail as "very important," taking away access, or attempting to
    block access is simply not an option. 
    "This is primarily a personnel management problem. CIOs seem to recognize
    the need to monitor what's going on, and know that they can't simply turn
    over their management responsibility to a web filter or firewall," said
    Egner. "There is no substitute for a well-crafted acceptable use policy
    and a means to monitor compliance with that policy." 
    For access to the results of the Tally Systems/CIO survey, visit the Tally
    Systems web site at:  www.tallysystems.com/tally/press/survey.txt
    For more information on the hidden security risk presented by electronic
    messaging systems, and help on crafting an acceptable use policy, download
    Tally Systems' latest white paper, "Why Your Company Needs A Messaging
    Policy: The Hidden Security Risk." available at: 
    http://www.tallysys.com/tally/whitepapers/wp33us.html About Tally Systems
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:05:46 PDT