Whereas hundreds of businesses in Ireland had put in place software-based solutions over the past number of years to help secure and protect their email infrastructure from viruses, worms and spam, the sheer growth in email volumes now means that many are turning to purpose-built hardware appliances in order to handle this same task.
According to John Ryan, operations director with the IT security provider Entropy (pictured), Irish organisations are receiving upwards of 70,000 messages per day in some cases. “The trouble is, traditional software systems can’t cope with that volume,” he relates. Moreover, from a business perspective this means that important messages risk being delayed as a result.
This situation has to stop, Ryan says. “We’re still seeing email security as a major problem for organisations. We would have always been of the view that people are underinvesting in their email solutions. Email is mission critical after all and they should be putting more money aside to protect it.”
In one recent case, a large indigenous firm received a quarter of a million emails over a single weekend. Such was the rate of emails that the business had to decommission its internet domain and re-register it to try and reduce the numbers of messages flowing into its systems. Although the business can’t be named for confidentiality reasons, Ryan cites it as a real and local example of what can happen. It’s not clear whether this is simply a huge influx of spam or something more orchestrated such as a distributed denial of service attack.
Examples such as this are prompting many organisations to move to second-generation security products, says Ryan. The company cited above took delivery of an Ironport appliance that can handle up to 500,000 messages per hour and that uses a technology to block suspect addresses so that spam mail is stopped at the source before even arriving at its intended destination. According to Ryan, this approach also means that the appliance has more processing power that it can allocate to sorting and filtering genuine emails.
In a wider context, Ryan believes that 2006 will see appliance sales really take off as more companies see the value in this kind of security solution. Businesses must do their homework before taking the plunge however: Ryan urges caution to check that the device they plan to buy is a proper appliance and isn’t simply a rebadged PC. This is because PCs run operating systems designed for carrying out multiple functions and as such are vulnerable. True appliances run customised operating systems and are designed to carry out one particular task or a specific set of functions.
There are different types of appliances and the choice of these will vary according to business need, says Ryan. For a large company, he advises buying an appliance for every function of security, be it mail filtering, firewall and so on.
These aren’t the only choice: there is a category of devices that handles a number of everyday IT security problems. These appliances cover what is known as universal threat management (UTM) and they suit the needs of the SME. “For very small organisations you don’t need complexity and customisation, so UTM devices are suitable but once you get to medium and large organisations we don’t think anybody’s cracked that nut yet,” Ryan says.
Email isn’t the only issue occupying the minds of those charged with IT security, however. Ryan identifies a growing area around USB port management. This has emerged from the proliferation of small storage devices that connect to computers via USB ports. Cheap and easily available, they can carry large amounts of important data. While they’re ideal for staff who want to bring work home with them without having to lug their computer, confidential data could possibly be compromised if the storage device were lost. Also, if the home computer doesn’t have the latest antivirus versions and software patches, a user could unknowingly bring the device back into the company network and spread an infection.
These aren’t hypothetical scenarios, Ryan adds. “We are implementing these solutions in organisations. If there wasn’t a problem they wouldn’t be spending the money.” According to Ryan, management software can ensure that when information is taken out of an organisation’s network for valid reasons, it is encrypted or protected from anyone but authorised users. It can also integrate with a company’s antivirus systems to protect against malware.
These are only two of the many potential risks that companies face when deciding where to allocate spending on IT security and they may not be the same for every business. For that reason, Ryan advises companies to take stock before buying. “A lot depends on what assets they’re trying to protect.” A useful exercise, he says, is to ask: “What are you trying to protect, what is the value of it and what effort should you take to protect it? It’s a measured approach.”
By Gordon Smith