Financial services firm National Financial Partners has been a long-time user of Proofpoint's SaaS email archiving solution and, more recently, also deployed Proofpoint's SaaS solutions for inbound and outbound email security.
Dán Salomon, NFP's Senior Vice President of Technology, kindly took the time to speak with me about how his organization uses Proofpoint's SaaS solutions and why he feels that performing email archiving and email security functions "in the cloud" is more secure than taking an on-premises approach. Beyond the cost advantages of SaaS, Dán explains the other business drivers for adopting Software-as-a-Service in this video (recorded on location at Proofpoint's 2010 "Inner Circle" customer event in New York).
My thanks to Dán and NFP for his willingness to discuss his approach and for allowing us to share this interview here!
The anti-spam team over in the Proofpoint Attack Response Center shared some statistics with me about spam trends in Q2 (April through June) of 2010 that I thought I would relate here.
First, the spam team provided a breakdown of the top 10 spam-sending countries for Q2 and you can see a graphical view of that at right.
This data, compiled from spam messages that hit Proofpoint's spam "honeypots" (email addresses and email servers that attract and collect spam email messages), shows that the US was the top spam-sending nation during the second quarter. Brazil and India took the #2 and #3 positions—unsurprisingly, as the recently released Proofpoint/Commtouch Q2 Internet Threats Trend Report showed those two nations as the top hotspots for botnet infestation.
Another interesting trend observed during Q2 is that, in general, malicious email messages continued to become more difficult to detect—that is, spammers continued to innovate and use more complex obfuscation techniques. The percentage of messages containing an obvious spam URL destination, for example, fell by more than half. Similarly, image-based spam messages declined by more than a third and messages with virus-infected attachments fell by more than a quarter.
Since overall spam levels didn't decline during the quarter, what's taking the place of those easier-to-detect spam messages?
Proofpoint anti-spam engineer Scott Panzer tells me that "spoof" messages (the type commonly used in phishing attacks) have been generally on the rise and that Proofpoint's anti-spam technology catches these using more predictive approaches. (For a great deal of information on the unique, machine learning techniques that Proofpoint uses to stop spam, see our whitepaper about Proofpoint MLX.)
Proofpoint customers weren't affected by the increasing complexity of spam messages during the quarter, however, as Proofpoint's anti-spam effectiveness actually increased from an average of 99.93% during Q1 to 99.94% during Q2. As noted in Gartner's latest Magic Quadrant for Secure Email Gateways, Proofpoint is one of the few email security vendors that publicly publishes its ongoing anti-spam effectiveness. You can view Proofpoint's spam detection accuracy for the last 190 days by visiting:
Proofpoint exhibited recently at the 2010 Infosecurity Europe show, held in London, and as we did at the 2010 RSA conference, we conducted an electronic survey about email trends that 140 attendees (81% of them with IT, security or messaging titles and the balance with analyst/legal/compliance or non-IT titles) took the time to fill out.
Among the findings:
43% of respondents said they are "very concerned" about inadvertent leakage of private or personal information from their organizations via email. Fully half said they are "somewhat concerned" about this issue. Just 7% claim that they are "not concerned" about these sorts of data leaks.
That concern is well justified since nearly two-thirds (64%) of respondents said that their organizations are subject to data protection regulations that require certain types of email to be encrypted or handled with particular care, because they contain private or confidential email. Only 25% said their organizations were not subject to such data protection regulations.
In this short video, several attendees discuss the various regulations (such as the UK's Data Protection Act, PCI-DSS, etc.) that apply to their company's use of email:
The trend toward increasing the security around private data is something we've reported on quite frequently here in the blog and the growing awareness of data loss issues is reflected in some of our other survey findings. For example, 94% of respondents who have a corporate laptop said that it was password protected and more than half (58%) said that their corporate laptop used full disk encryption.
In addition, nearly half of respondents (49%) said their organization had already deployed an email encryption solution. Another 21% said that their organization intends to deploy an email encryption solution in the future.
On the topic of inbound email security, 40% of respondents said their organizations had been the target of a "spear phishing" attack in the past 12 months. That is, they were targeted by a phishing email designed specifically to compromise their own email users. (Our survey from RSA, where most respondents were US-based, found that nearly half of respondents believed their organizations had been the target of a spear phishing attack in the last 12 months.)
35% of respondents said that effectiveness and accuracy is the most important factor when selecting an email security solution, while 26% cited cost. 20% said that "ease of administration" was the most important factor. 8% cited available deployment method (e.g., SaaS vs. appliance) and 4% cited vendor brand/reputation as the most important decision factor when selecting an email security solution.
Survey respondents were also asked about their top email annoyances. It's probably no surprise that spam and phishing emails that get through the organization's spam filter were the top two annoyances (48% and 21%, respectively). But certain types of legitimate email were most annoying for some of our survey respondents:
17% find legitimate email newsletters/marketing emails that are sent too frequently their top email annoyance.
9% find legitimate emails from coworkers or business contacts "that I just don't have time to answer" as most annoying. (As I mentioned in my post on RSA survey findings, I still fall into this camp!)
Just 2% find social media notifications and other types of legitimate, but non-essential, emails as most annoying.
In the following video, attendees on the Infosecurity Europe show floor discuss their top email annoyances:
We've had a couple of recent reviews of Proofpoint's email security solutions and wanted to share them with you here.
First up, Proofpoint was reviewed in the March 2010 issue of SC Magazine (this review appeared in both the US and UK editions at different times) and we've licensed a reprint of that review, which you can download in PDF format at the following link:
Proofpoint scored a perfect 5-star review for features, performance, ease-of-use, documentation, support, value for money and overall rating.
Secondly (and I may have mentioned this previously), eWeek's David Strom took a close look at our SaaS-powered email encryption solution, Proofpoint Encryption, which turned into more of a full-featured review of our entire email security solution.
You can read that review online at eWeek at the following URL:
In that review, Strom points out many of the unique features of Proofpoint Encryption, the power of Proofpoint's email policy engine, DLP features and much more. Of our email security solution as a whole, he says, "The bottom line is that [Proofpoint] Protection Server is a worthwhile product (or service, if you purchase the Web version) that you may want to look at if your existing e-mail system is ready to be replaced."
Something I've been meaning to post for a while but hadn't had the chance... The latest Internet Threats Trend Report from Proofpoint and our partner Commtouch is now available.
As usual, this Q1 2010 version reviews the latest spam techniques, spam trends, spam topics and spam sources. Highlights in this latest edition include:
A SpamAssassin bug caused numerous false positives for users of open source email security
The latest spam template techniques being used by spammers
CNN redirect exploited to send work-at-home scam emails
An analysis of how much spam comes from gmail.com
Rises in spam, zombie trends, malware variants, the "hottest" spam topics... and much more.
Visit the following link to download a free copy of this email security report:
At Proofpoint's recent Inner Circle New York customer event I got a chance to talk with Thomas Wonica, director of information technology for Moelis & Company, an investment bank that specializes in mergers and acquisitions, restructurings and other strategic investments. Moelis uses Proofpoint's SaaS email archiving solution, Proofpoint ARCHIVE, as well as our Proofpoint ENTERPRISE email security solution.
In this video, Tom talks about how they use Proofpoint for archiving and eDiscovery to radically reduce the time it takes to find email during discovery events. He also talks about consolidating both archiving and email security with Proofpoint to simplify his organization's email environment.
Proofpoint CEO Gary Steele says, “We believe Proofpoint’s positioning in the leaders quadrant by Gartner is a great confirmation of our continued success in helping global enterprises take control of email risks. Our continued innovation and unique focus on email security, encryption, data loss prevention and email archiving—combined with the ability to deliver those solutions in all of the popular form factors including SaaS, appliance or hybrid deployments—makes Proofpoint the ideal choice for organizations that want to reduce costs while making email more secure, compliant and easier to manage.”
Writing in the “Magic Quadrant for Secure E-mail Gateways,” (previously known as the “Magic Quadrant for Email Security Boundaries”) Gartner analysts Peter Firstbrook and Eric Ouellet note that the email security market is “defined by solutions that provide enterprise message transfer agent (MTA) capabilities, offer protection against inbound and outbound e-mail threats (such as spam, phishing attacks and malware), and satisfy outbound corporate and regulatory policy requirements. SEG solutions can be offered in the form of appliances or software that goes on customer premises, hosted solutions that reside in solution providers' data centers, or multitenancy SecaaS that exists in multiple data centers around the globe.”
Gartner also says that, “The e-mail security market is very mature. Targeted phishing detection, outbound e-mail inspection, encryption and delivery form factor are the major differentiators.”
If that darn volcano hasn't interfered with your travel plans and you're in London for this week's Infosecurity Europe 2010 show, do make sure you visit Proofpoint at stand L90 to learn about our latest SaaS solutions for email security, data loss prevention, email encryption and email archiving.
In an announcement we issued yesterday, Proofpoint introduced its Proofpoint 6.1 platform (which powers our flagship Proofpoint ENTERPRISE email security solution) to the European market. New features include multi-protocol (email and Web) DLP capabilities, a new data loss prevention dashboard, an Outlook plug-in for easier access to on-demand email encryption (via Proofpoint Encryption) and other security and performance enhancements. You can read all about it (in English) at the following URL:
That release is also available in French and German.
Now today, we've announced a new partnership with Titus Labs, a company that provides email classification and document classification solutions. I have to admit that, before we started working with Titus Labs, I didn't know much about issues such as email classification, protective markings and such, but it turns out that there are a wide variety of regulations that government organizations and other types of enterprises need to comply with that involve the proper classification and marking of both communications (such as email) and documents themselves.
Titus makes some really great solutions in this area and, as you might imagine, there are some terrific synergies between solutions like this and data loss prevention, email encryption and archiving. For example, our press release today describes a couple of use cases:
Titus Labs Message Classification and Document Classification products are widely used by government, military and commercial organizations to classify and protectively mark Microsoft Outlook messages and Office documents. Explicit visual labels and corresponding metadata properties that are applied to email messages and their attachments by Titus Labs solutions can automatically trigger a wide variety of policy enforcement, data loss prevention, encryption and archiving policies applied by Proofpoint solutions.
For example, using Proofpoint ENTERPRISE™ Privacy, protectively marked emails and documents can be automatically encrypted, blocked or quarantined for further review before transmission via email, depending upon what labels have been applied. Similarly, different data retention periods can be enforced based on the classification of a message or its attachments (using Proofpoint ARCHIVE™).
Applications include compliance with a wide variety of regulations including the UK’s GPMS (Government Protective Marking Scheme) and Data Protection Act, the Australian E-Protective Marking standard, ITAR (International Traffic in Arms Regulations), HIPAA and other healthcare privacy rules and GLBA, PCI-DSS and other financial data privacy regulations.
This is a really interesting new area and Titus Labs will be joining us for an upcoming webinar to explain how their solution works and the benefits of using email classification and email security technology together to better protect data.
When you visit Proofpoint's booth, you can also be entered to win an Apple iPad, just by taking our Infosecurity Europe email security trends survey. We have a couple of the new tablet computers on hand that you can use to take our short survey about email security trends in Europe and one lucky respondent will get to take one home!
Earlier this month, we held our annual customer "Inner Circle" events in New York and San Francisco, which were a great opportunity to sit down with Proofpoint customers and talk about how they use the product. Assistant vice president and IT manager John Vander Velde of Lake Michigan Financial Corporation graciously agreed to chat with me about how his organization uses Proofpoint to secure both inbound and outbound email.
Lake Michigan Financial Corporation has been a Proofpoint customer for several years now and has, over time, adopted more and more of Proofpoint's email security product suite (see our 2007 press release about Proofpoint and Lake Michigan Financial Corp).
In this video, John talks about how his organization uses Proofpoint for inbound email protection (anti-spam, anti-virus) as well as outbound data loss prevention and email encryption, to ensure the safety of account holder data as well as compliance with data protection regulations such as Gramm-Leach-Bliley (GLBA).
John talks with me about how LMFC selected Proofpoint, some of the policy issues involved in outbound email compliance, consolidating email security functionality onto a single platform and how the rise in spear phishing activity is once again making end-user education an important part of his overall approach to IT security.
Join Proofpoint spam expert Nithin Rao and Proofpoint machine learning scientist Vipul Sharma (see also my previous post with a video featuring Vipul) for a look at the latest spam techniques, targeted attacks, threats from social media and the growing need for outbound spam protection.
Vipul will explain the basics of machine learning and will discuss how Proofpoint applies these advanced statistical techniques to the problem of fighting spam.
As always, your questions will be answered during the live Q&A session. And, if you can't make it to the live event, remember that registered attendees will receive a link to the replay as soon as it's available.
Register now for this web seminar, being held at 11:00 a.m. PT / 2:00 p.m. ET on Wednesday, April 21, 2010. Click the link below for the registration page: