" They have advanced degrees, financial motivation and plenty of time to figure out ways around software-based e-mail intrusion "solutions" (yes, even the really, really expensive one you just installed-sorry). Once hackers have discovered a way into your network, all bets are off. They have access to any information residing on your servers, including your customer database, employee personnel files, bank account numbers and proprietary product information. They can run denial-of-service attacks to take down mail servers and disrupt your work environment. They can hijack your servers and use them as "spam cannons," sending millions of fraudulent e-mails purporting to be from your company. In short, they can do whatever they want.This week's newsletter will identify the specific dangers posed by network intrusions and explain how keeping these new monsters from stealing the digital lifeblood of your enterprise can ensure that your investment in network security is handsomely rewarded. Determining E-mail Security ROIWhen attempting to extract meaningful hard-cost data to evaluate e-mail security ROI, damages can be broken into two categories: Ongoing or Catastrophic. Ongoing costs tend to occur continually and increase in scale. For instance, a 10% increase in spam volume will result in 10% higher costs. Catastrophic costs, on the other hand, are "one-and-done" losses that are intermittent but categorically high when they occur. An example of a catastrophic cost would be a single security breach that allowed theft of proprietary intellectual property, causing millions of dollars in losses. In general, failure to prevent e-mail intrusions will result in expenditures that qualify as catastrophic. LiabilityLast week's IronMail Insider discussed the costs associated with allowing inappropriate material to cross the enterprise gateway or pass between workstations. The lawsuits resulting from companies failing to enforce e-mail policy and being held responsible for the messages crossing their networks all resulted in catastrophic costs to the enterprise.As with policy enforcement (and encryption, the topic of next week's newsletter), intrusion prevention
0 Comments:
Post a Comment
<< Home