Modernizing Authentication — What It Takes to Transform Secure Access
GROUP Software recently announced a Microsoft Exchange 2000 version of its email security software suite, which offers capabilities ranging from content filtering to virus protection.
GROUP Software, founded in 1991 as a German content security company, launched operations in North America last year out of Milford, Mass. The company previously focused on products for the Lotus Domino messaging platform.
The company helps customers focus on three areas with respect to security, says Amy Kessler, GROUP Software's general manager and vice president. One area is legal liability surrounding the retention of information, another is information security (as in protecting intellectual property from threats such as viruses), and the third is network efficiency, which protects against network downtime and congestion caused by spam, denial-of-service attacks and improper use of the network.
securiQ.Watchdog protects against virus attacks to email and databases. It is not a virus scanning engine in itself, however. Rather, it works with virus engines supplied by other major players but takes them a step further by examining the structure or fingerprint of a file to identify viruses before they reach the user. For example, the product can detect messages that include a .vbs file masked with a different extension. It also lets administrators dictate maximum message attachment sizes on an individual or group basis.
securiQ.Wall checks the content of email messages to protect against breaches in confidentiality for outgoing mail, and against spam and junk mail on the incoming side. Customers can dictate the key words and phrases the program should look for in outgoing mail, as well as what to do with any flagged items it finds - such as block or quarantine them.
While the product is far from foolproof in detecting confidentiality breaches, Kessler says it's a step in the right direction. "Almost all companies have policies in place regarding confidentiality, but more than 90% have nothing in place to enforce them."
Regarding spam, the product takes a different approach than most others, she says. Rather than trying to identify spam by the address where it originates, it notes when a large amount of mail hits a server in an unnaturally brief period of time. When this happens, it insulates users by blocking delivery of the mail to clients.
Companies that want to encrypt all messages between servers for specific users or groups can use securiQ.Crypt. The product supports the Pretty Good Privacy (PGP) encryption engine as well as the Secure Multipurpose Internet Mail Extensions (S/MIME) standard. GROUP Software's value-add, according to Kessler, is in bringing the encryption to the server and making it transparent to the end user. An administrator establishes rules that determine which messages are to be encrypted - such as all those from the legal department - and the rules are applied at the mail server, with no end user involvement.
GROUP Software's securiQ.Trailer helps companies address legal requirements by appending a disclaimer to outgoing mail, again on a rules-based basis. Alternatively, the product could also be used to append promotional copy to certain messages.
The final module, securiQ.Safe, also addresses legal requirements by copying and archiving all email messages. The product can help financial companies comply with Securities and Exchange Commission regulations or health care providers comply with emerging privacy rules. It can be configured to batch and archive all emails, or to separate them by user-defined criteria.
The product suite works with NT, AIX, Solaris, AS/400, OS/390 and Linux operating systems.
In the 250-user range, the securiQ Suite costs $9,834. Individual modules range from about $2,000 to $3,000. A maintenance contract costs an additional 20%.