11:00 AM
Alan Pelz-Sharpe, Principal Analyst, CMS Watch, (Silver Spring, Md.)
Alan Pelz-Sharpe, Principal Analyst, CMS Watch, (Silver Spring, Md.)
Connect Directly

The Truth Is, E-Mail Security Can Never Be 100 Percent Effective

A bank's best bet is to be in a position to defend itself and detect wrongdoing as soon as possible after an e-mail security breach.

Alan Pelz-Sharpe, CMS WatchThe sheer volume of e-mail that passes through our organizations means that we have to accept that security can never be 100 percent. And before we get paranoid about stopping malicious e-mails from the outside, we need to remember that the most damage often is caused by those we employ and who have full and secure access to our systems.

That said, there are some common-sense precautions and prescriptions that need to be heeded. Clearly you need to filter out spam and malicious e-mail, and there are a plethora of solutions on the market to do that. It also makes sense to monitor e-mail for keywords and keyword combinations that potentially signal wrongdoing by internal staff. But these systems, though of value, are not as thorough as you might think.

Frankly, your best bet is to be in a position to defend yourself and detect wrongdoing as soon as possible after the event. Capturing all e-mail securely and directly from the mail server (not the gateway), filtering out duplications and then archiving all the remaining e-mail in a single location -- enabling easy, fast and thorough searching -- is the best you can typically do.

The truth is, e-mail will likely remain your Achilles heel for some time to come, and software vendors in this space seldom deliver as promised. To manage e-mail securely and sensibly, you need to make use of the archiving, management and monitoring options out there -- but you also need human resources, policies that are enforced and, most of all, a realistic attitude.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology
BS&T's 2014 Elite 8 executives are leading their banks to success, whether it involves leveraging the cloud, modernizing core systems, or transforming into digital enterprises.
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.