Compliance Management, Critical Infrastructure Security, Privacy, Security Strategy, Plan, Budget

Email security: Tumbleweed Communications (Axway)

The big question I had for Tumbleweed was, “What is email security?” Over the past two years, as we have passed products through SC Labs, I have noticed that the vendor public relations folks who we talk to seem to have a hard time differentiating between the many aspects of threats associated with email. There seems to be a bit of confusion between email security, email content management and email encryption. Everything seems to be lumped under the email security moniker.

When I asked the question, the answer I got was, “Keeping bad things off of email and out of the network.” That makes sense to me, but it sort of seems to step on the toes of email content management. With that in mind, we're going to use the Tumbleweed definition, not just because it is their definition, but because it makes sense. If we accept that, we end up with email security keeping bad things off of email, encryption keeping the information in the email secure, and extrusion prevention keeping our business our business.

And, if we accept the challenge of keeping bad things off of email, we need to know how to manage it. That means that we need to associate email with a sender and receiver, and we need to know how to handle the transaction. As the Tumbleweed innovator pointed out, email is the most heavily used collaborative tool in the world. One must take a comprehensive view of the business process of email. Point solutions won't work for that.

What are the challenges? Probably the biggest challenge is globalization. As the world does business more and more on a global level, the use of email must become an important issue. Different products, business practices and cultures all play a part in dictating how email is applied to the global business process.

According to Tumbleweed, customers' biggest drivers include compliance and risk management. In that regard, email poses a significant risk because of what it can do and how it is used. Tumbleweed tries to get IT managers to think more strategically and tries to leverage other ecosystems within the enterprise, not just email. And this includes such things as storage (what is the email/data retention requirement for the organization, for example).

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.