How Do Aging IT Systems Cope with Exceptions?

Joe Fisher, EVP Worldwide Marketing, Axway

“If you’ve got a long-standing FTP infrastructure and you want to figure out how you extend that infrastructure and make it secure, you could start to add elements of managed file transfer. Most organizations have existing email security or email exchange infrastructure and they need to figure out, ‘How do we make this email infrastructure smarter, but more importantly, secure, to meet new mandates?'”

Secure from Start to Finish

Dave Bennett, CTO, Axway

A commentary by Dave Bennett, CTO, Axway, on the article “How to Assess Cloud-Based E-Mail Security Vendors”

“The challenging part to being just pure cloud is, ‘How do you support deployment models that might vary–appliance and software–versus in the cloud?’… When you look at enterprise vendors and you look at data loss prevention and secure email being on-prem, there’s a good reason why that’s the case, because if you think about what you’re trying to protect, you have to deal with the concept of start-to-finish protection. You can’t just assume that your cloud connection is secure from start to finish.”

Free Security? The Whole Idea is Silly

Taher Elgamal, CSO, Axway

To read Eric Geier’s original post, please click here.

Are You Ready for IPv6?

Paul Keane, Senior Product Manager, Axway

An Ounce of Data Loss Prevention, A Pound of Whitelisting Cure

by Paul Keane
Senior Product Manager

Jordan Wiens writes in a recent InformationWeek article, “Objectionable-content filtering is closely aligned with data loss prevention.”

When Wiens says “objectionable,” I’m assuming he means material that has legal ramifications that may be slanderous or libelous. Items like that may not have intellectual property value, but they can negatively impact an organization’s reputation among their customer base or among their partner base. So, while there is no inherent IP value in it, there is a name-brand value, and items like that can get impacted. It is different from traditional DLP of intellectual property and risk management, but it still has a value of its own that would be aligned with DLP. It may not have the same type of value as DLP, but it has value from a company’s perspective, and it can be protected in the same manner as sensitive corporate data, such as intellectual property.

Wiens continues: “Outbound controls typically include at least some form of basic DLP, such as blocking credit card patterns or Social Security numbers. If you expect to implement full DLP functionality within your e-mail security budget, however, be prepared to open your wallet a bit wider.”

That’s true. Items such as credit cards, social security numbers—they’re all the minimum expectation nowadays. It may be the case that some vendors are not as adept at blocking more sophisticated items as others. It may be that the product just doesn’t do it rather than they have to pay more for it. Having said that, those that can do it are probably charging more for the overall solution anyway.

“Tread carefully,” writes Wiens, “if a vendor tries to sell you on e-mail whitelisting techniques. While positive security models do provide stronger defenses and are a much more promising long-term solution to malware than desktop antivirus, they simply don’t apply to e-mail.”

This is probably a good point in that prevention is better than cure. Whitelisting is a bandage; it’s saying “definitely allow these guys through” but, depending on how good your solution is, it may also allow other bad messages through. So it’s kind of a bandage. The better solution will be prevention, where an intelligent decision can be made at the edge so there is no need for whitelisting in the first place. Having 100 percent accuracy is never going to happen, but having a highly accurate solution at the edge, which is prevention, makes it so we don’t have to worry about whitelisting because the solution at the edge would be intelligent enough to let through those who you would whitelist anyway, while preventing all others from coming through. It’s a fair statement to make.

An Introduction to File Transfer Direct

Axway’s Paul French, Kathryn Hughes, and Dave Brunswick introduce File Transfer Direct (a.k.a. FT Direct).  

How Do We Communicate with Communities Outside of Our Organization?

Insight from Joe Fisher, vice president of product and solutions marketing.

  • Calendar

    • July 2020
      M T W T F S S
  • Search