Updated Security Tool Looks Inside E-mail Attachments

Nemx is shipping version 2.0 of its secure e-mail and content protection product for corporate Exchange environments.

SecurExchange provides more than just “perimeter” protection against attacks such as crackers, viruses, worms and spam, according to officials of Ottawa, Ontario-based Nemx. The package examines the contents of every message using what Nemx calls Intelligent Content Analysis, which takes a quasi-natural language approach to parsing messages for security compliance.

“It makes sure that every bit of messaging within your environment is looked at,” says Nemx president John Young. “We have the ability to look at each message in a way that is more than just [looking for] keywords, using a thesaurus and dictionary to let us look at key concepts [in e-mails].”

For instance, he adds, if the content of a message contains the word “confidential” at the bottom of every page, the software can recognize that and set the importance of the message higher than normal. SecurExchange also takes advantage of Microsoft’s Exchange System Manager console so that administrators do not have to learn a new user interface in order to use the product.

The update uses what the company calls “acceptable use policies” to automatically encrypt certain types of messages – say, a financial communication between a firm’s accounting department and a member of the board.

“It’s providing a policy-driven [approach] to e-mail that allows you to enforce your security without having to worry about users pushing the right button,” says Larry Trenwith, Nemx acting vice president of marketing.

A second new feature is the ability for SecurExchange to look inside file attachments in order to enforce security policies. “A lot of information leakage is typically going to come in an Excel spreadsheet or in a Word document or a PowerPoint presentation,” says Young. Adobe PDF documents are also scanned.

Finally, version 2.0 provides the ability for customers to build their own libraries of policy concepts that define what is information they do not want leaking outside of a company or organization – done using a graphical interface to build templates, he adds.

SecurExchange 2.0 costs $925 per server in the “perimeter” edition – meaning the software examines messages entering and leaving the corporation – while a corporate edition that examines messages within the firewall as well as providing perimeter protection costs $1,760 for 100 users.

About the Author

Stuart J. Johnston has covered technology, especially Microsoft, since February 1988 for InfoWorld, Computerworld, Information Week, and PC World, as well as for Enterprise Developer, XML & Web Services, and .NET magazines.


  • The 2021 Microsoft Product Roadmap

    From Windows 10X to the next generation of Microsoft's application server products, here are the product milestones coming down the pipeline in 2021.

  • After High-Profile Attacks, Biden Calls for Better Software Security

    Recent high-profile security attacks have prompted the Biden administration to issue an executive order aiming to tighten software security practices across the board.

  • With Hybrid Networks on Rise, Microsoft Touts Zero Trust Security

    Hybrid networks, which combine use of cloud services with on-premises software, require a "zero trust" security approach, Microsoft said this week.

  • Feds Advise Orgs on How To Block Ransomware Amid Colonial Pipeline Attack

    A recent ransomware attack on a U.S. fuel pipeline company has put a spotlight on how "critical infrastructure" organizations can prevent similar attacks.