Forwarded From: phreak moi <hackerelite@deathsdoor.com>
CIOs Say Messaging Security is Major Concern According to Tally
Systems/CIO Magazine Survey
04:35 p.m Sep 23, 1998 Eastern
LEBANON, N.H.--(BUSINESS WIRE)--Sept. 23, 1998--
"Hidden Security Risk" Best Foiled With Enforceable Messaging
Policy
System security and reliability topped a list of concerns that CIOs have
about their electronic messaging systems, and those systems have become a
key component of achieving their organization's corporate objectives,
according to a Tally Systems Corp./CIO Magazine survey released today. In
a poll of 344 CIOs conducted in April of this year, 71 percent of the
respondents listed security of their organization's messaging systems as
an issue that has been a concern over the last six months, while 61
percent also listed system reliability as a concern.
"These survey results reveal that CIOs are very worried about a little
known secret of electronic messaging systems: They are a critical part of
the business process, yet employees are breaching security by transmitting
inappropriate messages over company e-mail and fax systems," said Joanne
Egner, Veranda Product Manager at Tally Systems. "Although many of the
fears being publicized are of hackers breaking through firewalls or web
site operators invading personal privacy, the real security concern is the
employee who is sending messages and faxing documents that divulge trade
secrets, contain inappropriate content, or include offensive language.
It's a problem many managers are reluctant to talk about."
Even if they aren't talking about it, a majority of the CIOs polled are
doing something about messaging security. More than 60 percent of the
respondents to the Tally Systems/CIO study said they were monitoring
corporate e-mail, Internet, and fax usage. Over 43 percent cited
security/auditing as their primary reason for doing so.
"Used in this context, security has little to do with technology. It's a
matter of policy and management," said Egner. "Although software tools
are essential for monitoring usage, making effective use of e-mail, the
Internet, and fax systems depends on establishing and enforcing policies
that spell out intended use of those resources."
With 66% of the survey respondents rating E-mail as "extremely important"
to their organization's overall corporate objectives, and another 27%
rating E-mail as "very important," taking away access, or attempting to
block access is simply not an option.
"This is primarily a personnel management problem. CIOs seem to recognize
the need to monitor what's going on, and know that they can't simply turn
over their management responsibility to a web filter or firewall," said
Egner. "There is no substitute for a well-crafted acceptable use policy
and a means to monitor compliance with that policy."
For access to the results of the Tally Systems/CIO survey, visit the Tally
Systems web site at: www.tallysystems.com/tally/press/survey.txt
For more information on the hidden security risk presented by electronic
messaging systems, and help on crafting an acceptable use policy, download
Tally Systems' latest white paper, "Why Your Company Needs A Messaging
Policy: The Hidden Security Risk." available at:
http://www.tallysys.com/tally/whitepapers/wp33us.html About Tally Systems
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Fri Sep 25 07:57:03 1998