Updated Security Tool Looks Inside E-mail Attachments
- By Stuart J. Johnston
- October 25, 2005
Nemx is shipping version 2.0 of its secure e-mail and content protection product for corporate Exchange environments.
SecurExchange provides more than just “perimeter” protection against attacks such as crackers, viruses, worms and spam, according to officials of Ottawa, Ontario-based Nemx. The package examines the contents of every message using what Nemx calls Intelligent Content Analysis, which takes a quasi-natural language approach to parsing messages for security compliance.
“It makes sure that every bit of messaging within your environment is looked at,” says Nemx president John Young. “We have the ability to look at each message in a way that is more than just [looking for] keywords, using a thesaurus and dictionary to let us look at key concepts [in e-mails].”
For instance, he adds, if the content of a message contains the word “confidential” at the bottom of every page, the software can recognize that and set the importance of the message higher than normal. SecurExchange also takes advantage of Microsoft’s Exchange System Manager console so that administrators do not have to learn a new user interface in order to use the product.
The update uses what the company calls “acceptable use policies” to automatically encrypt certain types of messages – say, a financial communication between a firm’s accounting department and a member of the board.
“It’s providing a policy-driven [approach] to e-mail that allows you to enforce your security without having to worry about users pushing the right button,” says Larry Trenwith, Nemx acting vice president of marketing.
A second new feature is the ability for SecurExchange to look inside file attachments in order to enforce security policies. “A lot of information leakage is typically going to come in an Excel spreadsheet or in a Word document or a PowerPoint presentation,” says Young. Adobe PDF documents are also scanned.
Finally, version 2.0 provides the ability for customers to build their own libraries of policy concepts that define what is information they do not want leaking outside of a company or organization – done using a graphical interface to build templates, he adds.
SecurExchange 2.0 costs $925 per server in the “perimeter” edition – meaning the software examines messages entering and leaving the corporation – while a corporate edition that examines messages within the firewall as well as providing perimeter protection costs $1,760 for 100 users.
Stuart J. Johnston has covered technology, especially Microsoft, since February 1988 for InfoWorld, Computerworld, Information Week, and PC World, as well as for Enterprise Developer, XML & Web Services, and .NET magazines.