E-mail Security




At home or work, e-mail is arguably the most important communication tool available in today’s fast-paced technical world. E-mail is a fast, inexpensive, accepted way to transfer information and communicate. Unfortunately, the use of e-mail and e-mail attachments poses a very large security threat to systems and networks in general. Providing secure e-mail and messaging systems has quickly become a top priority for home users and businesses alike.

Threats

There are many threats associated with the use of e-mail. Viruses are usually the first threat that comes to mind, but malicious content, leaks of confidential information, and those not-so-innocent spammers are becoming much more of a concern today. Server and workstation downtime, as well as the basic loss in human productivity that can result from these threats, are motivating the penny pinchers to invest more in e-mail and network security.

The most obvious threat to e-mail and e-mail systems comes in the form of e-mail-related viruses. E-mail attachments offer an excellent opportunity for dangerous viruses to spread, even in a firewall-protected corporate network environment. Firewalls protect intranetworks from unauthorized user access. Unfortunately, they do not scan or filter e-mail and attachments. It is important to implement and enforce a proactive plan that includes an e-mail antivirus system, kept current with updated virus definitions, that scans all attachments included with incoming e-mail.

It is also imperative that e-mail users are educated about the dangers of handling dangerous e-mail messages improperly. In other words, good e-mail security plans should empower users to apply basic common sense when opening suspicious e-mail and attachments.

Our basic human nature tells us to click on things we shouldn’t. If curiosity killed the cat, lack of common sense killed the human’s local area network. Here is an example you can use as a demonstration. Create a Hotmail or some form of Web mail account with an obscure address. Then, send an innocent e-mail with an executable attachment to five people you know. Name the subject, “Don’t Open This, It’s Very Dangerous.” Check to see how many of the five people opened the e-mail. Get the meaning? Could this possibly be considered a form of social engineering?

Confidential information leaks from within corporate infrastructures seem to be very prevalent these days. Disgruntled employees or employees with little common sense can forward company data and personal information to the outside world. This can lead to serious legal ramifications.

Spammers, or unsolicited commercial mail distributors, can use corporate mail servers as hosts to spread their advertisements within a company and beyond. This can cause a company to be blacklisted with Internet service providers and reduce the productivity of a mail server.

Here are some basic guidelines that can save you or your company a lot of time, money, and sanity when it comes to protecting e-mail:

  1. Develop a corporate e-mail security policy that defines a set of rules your users should follow. In other words, take the time to educate them on some of the common practices that should be followed, such as confidentiality and general security practices.

  2. Install a proven antivirus protection product that scans all inbound and outbound e-mail and attachments. The product should provide an alerting service and a centralized quarantine snap-in to isolate viruses if detected. Equally important, if your users have the ability to use outside mail services from their desktops, install a desktop solution that scans IMAP and POP3 mail services.

  3. Install content-filtering software that scans for key phrases and information in e-mail that might be confidential to your company.

  4. Install an anti-spam software product that will identify and allow you to block out unwanted/unsolicited information.

S/MIME (Secure Multipurpose Internet Mail Extensions)

S/MIME (Secure Multipurpose Internet Mail Extensions) is a protocol used to secure messages sent between various e-mail clients. It is based on the RSA (Rivest-Shamir-Adleman) encryption system. S/MIME consists of an updated set of standards that improve upon the original version of MIME. Its main function is to provide authenticity and privacy for e-mail messages in MIME format. S/MIME is included in popular Web browsers offered by vendors such as Netscape and Microsoft. S/MIME will also be covered in Chapter 5.

Note 

It is likely that you will be asked what S/MIME is associated with. If offered the choice, and there will most likely be a choice, a good selection would be, “e-mail security.”

PGP (Pretty Good Privacy)

Developed by Philip R. Zimmermann in 1991, PGP (Pretty Good Privacy) is one of the most common and easiest-to-use methods for encrypting and decrypting messages over the Internet. It is also free.

PGP uses public-key encryption techniques to secure messaging. With PGP, a user creates a key pair and protects the private key with what is known as a pass phrase. Other users encrypt messages to that user with the public key of the key pair.

Note 

When using PGP, the pass phrase that protects the private key must not be forgotten. If the user forgets the pass phrase, the message cannot be deciphered.

In a nutshell, PGP first creates a session key for the message that is to be encrypted. Next, PGP uses IDEA (International Data Encryption Algorithm), a symmetric block cipher with a 128-bit key, to encrypt the message. Then, PGP uses the RSA algorithm to encrypt the session key with the receiver’s public key. Finally, the packaged message and key are ready to be sent. PGP will be further discussed in Chapter 5.
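The sequence just described, as an added Go example that is not from the book or from PGP itself: a fresh session key encrypts the message, and the receiver's public key encrypts the session key. Assumptions: AES-128-GCM stands in for IDEA (Go's standard library has no IDEA) and RSA is used with OAEP padding; `Envelope`, `NewKeyPair`, `Seal` and `Open` are hypothetical names, and the nonce is wrapped together with the session key as a simplification.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope is a hypothetical container, not the OpenPGP packet format.
type Envelope struct{ WrappedKey, Body []byte }

// NewKeyPair generates the receiver's key pair (2048-bit RSA for this example).
func NewKeyPair() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// Seal encrypts msg under a fresh session key, then wraps that key for pub.
func Seal(pub *rsa.PublicKey, msg []byte) (*Envelope, error) {
	secret := make([]byte, 16+12) // 128-bit session key, then the GCM nonce
	if _, err := rand.Read(secret); err != nil {
		return nil, err
	}
	block, _ := aes.NewCipher(secret[:16]) // AES stands in for IDEA; 16-byte key cannot fail
	gcm, _ := cipher.NewGCM(block)         // cannot fail for a 128-bit block cipher
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, secret, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{wrapped, gcm.Seal(nil, secret[16:], msg, nil)}, nil
}

// Open recovers the session key with the private key, then decrypts the body.
func Open(priv *rsa.PrivateKey, e *Envelope) ([]byte, error) {
	secret, err := rsa.DecryptOAEP(sha256.New(), nil, priv, e.WrappedKey, nil)
	if err != nil || len(secret) != 16+12 {
		return nil, fmt.Errorf("cannot unwrap session key")
	}
	block, _ := aes.NewCipher(secret[:16])
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, secret[16:], e.Body, nil) // errors if the body was altered
}

func main() {
	priv, _ := NewKeyPair() // constructed receiver key pair
	env, _ := Seal(&priv.PublicKey, []byte("constructed sample message"))
	plain, err := Open(priv, env)
	fmt.Printf("%q %v\n", plain, err)
}
```

Only the holder of the matching private key can recover the session key, so `Open` fails for any other key pair; because GCM is authenticated, it also fails if the body is modified in transit.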

Hoaxes

A computer-related hoax is a myth or false representation regarding a computer-related virus. The hoax can be either a false warning or an actual file or object that closely resembles an actual virus. Hoaxes are usually meant to scare and cause security-related hysteria. Typically, hoaxes or the news of possible fake threats spread through the Internet and corporate infrastructures like wildfire. They are like headlines or new office gossip. “Did you hear about the new eat-your-computer-alive virus?” Then, almost as quickly as the hoax is created, office staff and administrators scurry to find a fix.

The most dangerous of hoaxes will warn the recipient that there is a dangerous file and/or program residing in a system. The hoax will suggest that the recipient remove the dangerous file or program. The bad news—the recipient just wiped out an important system file that is needed for the operating system or program to exist or function. Real nice; we can only hope that the recipient has a good backup!

Hoaxes can cause a tremendous loss in productivity. The time and resources it takes to investigate hoaxes could be much better spent on actual company production issues. Unfortunately, hoaxes are part of the electronic world in which we live and must be handled with care. Could a hoax be another form of social engineering? You bet.

The best way to tell if an attachment or suspect file name is actually a hoax is through research and education. A great Internet site that allows you to do a computer virus hoax search from A-Z is http://vmyths.com.

If you have a good antivirus program and support contract, you can always consult the manufacturer’s Web site or call them for virus/hoax verification.

As a basic rule of thumb, you should always assume that a hoax or threat is real but use common sense. Don’t take action based on unprofessional advice or hearsay. Finally, by no means should you apply fixes or patches without consulting a legitimate reference.

Note 

Be prepared to answer questions that ask you how you would react to a hoax. Do you go ballistic and get everyone worried, causing large amounts of network traffic with a bombardment of e-mail and IMs (instant messages)? Or, do you remain calm and quietly investigate to see if the hoax is real? Please choose the second option.






The Security+ Exam Guide. TestTaker's Guide Series
Security + Exam Guide (Charles River Media Networking/Security)
ISBN: 1584502517
EAN: 2147483647
Year: 2003
Pages: 136
