Managed Messaging Security and Archiving

Security Strategies from Lee Rothman of MessageLabs

With the heightened demands of regulatory compliance and e-discovery, managed message security and archiving is a huge challenge for financial institutions. Read this interview for expert advice from Lee Rothman, Sales Engineer at MessageLabs Inc., on archiving, including:
  • Today's top challenges;
  • How other institutions are tackling these challenges;
  • Practical advice you can implement today.

TOM FIELD: Hi. This is Tom Field with Information Security Media Group. Today we're talking about managed messaging security and archiving, and we're talking with Lee Rothman, Sales Engineer at MessageLabs Inc. Lee, thanks so much for joining me today.

LEE ROTHMAN: Oh, no, thank you.

FIELD: Wanted to start you out with a - - with sort of a regulatory question. Given the regulatory picture today, what do you find to be the top challenges for financial institutions that are looking to improve their messaging security and management processes?

ROTHMAN: I'd probably say one of the biggest challenges at the top of the list is just keeping up to date with the latest security threats. The security landscape has become so dynamic and things are constantly changing. Just keeping your servers up to date with the most current information is a huge challenge a lot of our clients are facing.

But in addition to that, mailbox management's become a huge issue on the archiving side of the business because these [systems] were not really designed for it for this long term mail retention. Corporate and regulatory compliance has become very, very prevalent throughout the entire market space right now, and there are serious fines and there's multiple interpretations of these laws, so again things that our clients are really looking to - - and legal discovery and the idea of e-discovery has become a big topic for a lot of our clients with harassment suits and litigation and email and IT administrators being asked to come up with all emails and IM laws and just all sorts of transcripts for the courts now.

FIELD: So, you talked about some of your clients. How are they tackling these challenges? And I wonder if maybe you can offer some specific examples of how they're tackling them.

ROTHMAN: Sure. You know, especially with the archiving so much of that is focused on the financial sector right now, so one of our clients, North Star Financial Corporation, was really, really pleased with taking the managed approach in their email security. It's really giving them the chance to stop putting out fires on a day-to-day basis, not having to be so reactive in their infrastructure. By allowing us to manage this risk for them in the cloud as opposed to having to first deal with it at the desktop level, it's freeing up their IT staff to really work on more interesting products that are going to - - or projects rather that are going to allow them to be more profitable and even streamline their processes.

Another customer that I've actually been working with is Diversified Brokerage Services and they're really - - they're really, really happy overall and their big - - the source of their happiness really comes from the absolute transparency of integrating the solution into their system that there's so little on their end to have to do, and that it's just basically flipping a switch of redirecting the MX record to us and their job is done, and that's just putting us - - that's such a differentiator between us and a lot of competition where there's a big software solution or appliance that needs to be managed onsite.

FIELD: Good examples, both. So the question always arises do you do this in-house or outsource? Tell us what's the inherent value in a managed service?

ROTHMAN: Well, there are quite a few, but let me just hit a couple of highlights for this interview here. First, you know, taking care of these direct in the clouds, eliminating them before they reach organization's boundaries. I mean, you can't even put a price tag on that. The bandwidth that we're going to free up for you just mitigating this rift in the cloud -- something like 50 to 70% of everybody's email coming in these days is spam. If I could keep all that traffic off your pipe and just take care of that for you in the cloud, I'm already freeing up bandwidth for you. I'm keeping those risks in the cloud. So that's just a huge one. As I mentioned earlier with my Diversified Brokerage Group scenario, the deployment and implementation of a managed service is just night and day from bringing a traditional appliance or software solution. It's like I said: it's a simple MX change, locking down your firewall to only accept traffic from us on - - on the email side of things, and what's really nice is some of our larger organizations with multiple sites it's the central management which is, you know, going to be very different than a software or an appliance issue where you're going to have to kind of do them on a one-off basis. So being able to do this all in a central portal, being able to manage all this is a huge advantage of using the managed service as opposed to bringing it in in-house.

Lastly, I'd probably say just freeing up your resources to focus on more strategic and profit driving activities. No more having to look through logs and whatnot. It's all done for you on our end, but most importantly is the technology is up to date. There's no more having to go and download the latest pack, especially like I said earlier with the threat landscape being so dynamic, just keeping up to date with the latest pack could be a job into itself, and if I could free up an IT administrator, that one task alone I'm making him a much happier person.

FIELD: You make a strong case. Now let's talk specifically about archiving. What do your customers find to be the business value of better archiving, and what sort of quick benefits are they seeing from it?

ROTHMAN: Okay. Well, let's talk about some of the benefits and then I'll - - then I'll get into maybe one or two customers who are actually using it. The first one is going to be no more exchange or breakdowns at any level. A big problem is that these mail servers were not designed for this huge storage. It wasn't designed as an archive. It was meant as a place to accept SMTP traffic, be held there for a short term and then get removed. PSTs in the Exchange environment really get unstable after about two gigs, and let's face it most people want to keep larger email boxes than that, especially with attachments getting larger and larger all the time.

So being able to take all of that off of the administrator's responsibility by letting them remove those emails from their server, keeping them stored offsite by us and giving them this great tool to then search them logically is a huge advantage to these IT administrators.

All the messages are really easily retrievable. We have 180-second SLA surrounding all of our searches. So if your attorney comes to you and says 'hey, I need all correspondence between John and Jane with these dates containing these words,' there's no more going through months and months or even years of tape. It's just a simple search criteria, they'll query the database, it will give it to you and then you even can export it as a PST file. You can burn that to a CD or DVD, pass it along to counsel and your job as an IT administrator is done. So that right off the bat is going to be a huge advantage. The other really nice thing is our flexible policy. Being able to kind of give you a blank slate allows us to conform to just about any type of compliance whether it be SOX, HIPAA, or even some of the international standards, we really don't focus on a particular vertical. We have a product that can really be tweaked to any customers and that's something that our customers do appreciate.

We do actually work with another financial company who is using our system, and they really couldn't be happier with it. We're allowing them to streamline processes, increase their output and the archiving system is one service that has helped them do that more than anything right now and that's the feedback I've gotten from them.

FIELD: That's great. I want to bring this back to a topic we talked about up top which is the regulatory requirements. How do these solutions help your clients, especially in financial services, meet their regulatory requirements?

ROTHMAN: Great question. First and foremost, we allow you to create and maintain and enforce your own corporate messaging policies, meaning all your regulatory and compliance regulations. But in addition to that the flexibilities of our policy allow administrators to really set up any type of retention policy they want for a specific user or group. So if you only have a small part of the organization that are maybe broker dealers and everyone else is not affected by that SOX compliance, we've really given the ability to just kind of cherry pick particular users or even Active Directory groups or users to create policy around. We do actually offer if you need the industry specific template. So if you do have SOX or HIPAA or any of the other compliances we can help you with that. We do have templates right out of the box that we can help you put onto the system to help you achieve whatever level of compliance you're looking to go with. And lastly, we have a supervision feature which really allows you to implement a systematic and flexible process, much more effective at identifying violations. So, specifically again in the SOX compliance world a lot of our people in the finance world are very leery about using words like bona fide, 100% rate of return, big key words that are red flags. This system will allow you to do a post email view of that and see your violators and even run a risk report to let you see how much risk you're actually exposing your organization to by allowing these types of emails to flow in and out of your system.

FIELD: So Lee, how can some of the best practices of improved archiving help an institution's messaging management overall?

ROTHMAN: Okay. I mean, that's really easy. We're going to help you save time and reduce complexity, and I mean if I could just - - if that was the only thing I could do, I think your system administrators would be happy, but we're going to increase productivity of your IT department. We're going to allow them to work on more interesting projects. Not going to individual computers and getting rid of a piece of spam or that have gotten infected by a virus and it's not part of a botnet. I mean we're really going to allow you to work on real IT projects the organizational management has asked you to work on to help increase profitability at the company.

We're also going to empower other departments - legal, compliance. We're going to allow them to accomplish a lot of tasks now without even going to IT. Traditionally your attorney would come to you as an IT administrator and ask you for a particular set of emails, i.e. there's a harassment suit, I need all these emails. You're now going to be able to provide an interface and a tool for this lawyer or this attorney to do their own searches and export their own PST files and not even have to burden or get involved with the IT department which I think will make everybody a little happier at the end of the day.

FIELD: You know what? I like how you boiled that down so much I'm going to ask you to do it one more time. If you could give one piece of advice to an institution that's just starting to tackle this whole topic of managed messaging security and archiving, what would that one piece of advice be?

ROTHMAN: Do your homework. Do your due diligence. I mean, there are a lot of solutions out there. You can go managed. You can bring the solution in-house. I would always say look at what you're trying to accomplish, you know. Look at the regulatory compliance you're dealing with. Look at the spam or the viruses you've had in the past, and really kind of make your wish list and see what you're trying to accomplish.

I would probably say bring the managed solution in in the archiving space, let's start with. It's going to be very tough to replicate if you were to bring that in-house. Just the redundancy and the search tools we're going to give you, the FCC compliance pieces are just going to be almost impossible to replicate in-house even at similar price points. So, just having your email in two separate data centers, multiple instances of it in a warm format, others in a raised format, it's just almost near impossible at the same price point to replace in-house. So I would always say really just do the due diligence on your archiving.

And as far as the email security side goes, to me the further away I can put that virus, the further away I can keep that spam from my infrastructure, the happier I'm going to be as an IT administrator. So, I'm a big proponent of keeping and mitigating that risk in the cloud and keeping it far away from my infrastructure.

FIELD: Lee, you're a good proponent. You're a good spokesperson as well. I really appreciate your time and your insight today.

ROTHMAN: Oh, no, thank you. I appreciate your time.

FIELD: We've been talking with Lee Rothman with MessageLabs Inc. about managed messaging security and archiving. For Information Security Media Group and for MessageLabs, I'm Tom Field. Thank you very much.


About the Author

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.