Proofpoint: Security, Compliance and the Cloud

Proofpoint is hiring! If you're searching for the next defining step in your career, come and see us at the Tech Career Expo in San Francisco.

The Tech Career Expo and Developer Jam is taking place today and tomorrow June 28 and 29 at the Moscone Center in San Francisco. The expo is being held concurrently with Google’s sold out developer conference, Google I/O, which is also taking place in the Moscone Center. As an added perk, keynotes and key sessions from Google I/O will be live streamed into the developer theater for Tech Career Expo attendees to view.

The most exciting part of the event (other than talking with awesome Proofpoint recruiters!) is that anyone can attend the Tech Career Expo free of charge.

Don’t miss out on the opportunity to network with Proofpoint professionals who are hiring in all areas of technology. We're seeking the best and the brightest for positions in engineering, operations, big data (Hadoop, Mapreduce, Hive, etc.), quality assurance, software R&D,  marketing and sales.

If you will be attending the Expo or Google I/O, make a point to stop by Proofpoint's Tech Career Expo booth (#512) to learn about all of our incredible employment opportunities.

For those who cannot make the event but are interested in a career with Proofpoint, check out the Proofpoint careers page for information on available positions.

We recently published a new whitepaper about the TCO (total-cost-of-ownership) benefits of cloud archiving. In "Cloud-Based Archiving vs. On-Premises Legacy Archiving: TCO Advantages and Risk Impacts" the focus is on the ROI of a cloud archiving solution (such as Proofpoint Enterprise Archive).

Download a free copy to learn how Proofpoint Enterprise Archive delivers a significantly lower total-cost-of-ownership than legacy, on-premises products. By adopting a SaaS solution, most organizations can reduce archiving and eDiscovery costs by 40 to 60%. Even organizations with populations of 20,000 or 30,000 users have reported a significantly lower TCO.  

Through the examination of real customer case studies, this whitepaper demonstrates how cloud archiving solutions can improve search performance, reduce reliance on personal archives and PSTs to preserve old data, and ensure greater efficiency in the completion of core tasks that depend upon access to archived email.

If you're trying to build a business case for adopting a cloud archiving solution in your organization, you'll find this new paper helpful. To get a free copy, follow the link above or simply complete the following form:

With the recent launch of our Proofpoint Targeted Attack Protection solution, you've probably noticed that Proofpoint is increasingly referring to "big data" and "big data analytics" as important components of our security-as-a-service solutions.

We're not alone in this, as "big data" and related terms have become an extremely hot topic in IT circles today. But what, exactly, is big data and why are big data analysis techniques important in enterprise computing?

A recent report from analyst firm Forrester helps explain big data analysis and its importance in today's enterprise. "Enterprise Hadoop: The Emerging Core of Big Data" by analyst James G. Kobelius, gives a good overview of enterprise applications for big data and explains how and why organizations are using Hadoop, a massively parallel cloud environment for performing advanced data analysis.

According to Kobelius, "big data" refers to the "technologies, techniques and skills for handling data on an extreme scale" -- and doing so with agility and affordability.

We've made this report available as a free download. To read it, follow the link above to our registration page, or simply complete the form below.

Today, Proofpoint introduced an exciting new product, Proofpoint Targeted Attack Protection, that aims to solve one of the most vexing enterprise security problems—targeted attacks, such as email spear phishing attempts.

Spear phishing and other forms of targeted attacks are extremely difficult for traditional gateway security solutions to detect. Not only are they sent in low volume (unlike spam email campaigns), they often don't contain any form of malicious content, known malware, dangerous attachments or links to known malicious sites.

For these reasons, "properly" crafted spear phishing messages often have a 100% delivery rate, even to enterprises protected by modern email and web security systems. 

How, then, can organizations protect themselves? Proofpoint Targeted Attack Protection takes an entirely different approach, based on a new class of context-aware analysis techniques enabled by "big data" technologies. Using big data analysis, the solution essentially builds a model of "normal" messaging behavior, examining hundreds of variables in real time—including message properties and the email traffic history of individual message recipients.

Messages that deviate from that norm—especially messages that include attachments or URLs—are regarded as suspicious and are subjected to additional security controls, including URL interception and malware sandboxing.

We call these anomaly identification techniques "anomalytics" and you can read more about them in our new whitepaper, Big Data Solutions to Enterprise Data Security Challenges.

Persistent Protection from Malicious URLs
No matter how much you tell them not to, email users are going to click links in email. And a common tactic used in targeting phishing attacks is the use of URLs that are actually harmless at the time the message is sent. It's only later that they turn malicious.

To combat these issues, Proofpoint Targeted Attack Protection re-writes links in suspicious messages so that browsers are transparently redirected through the Proofpoint cloud, where content is re-inspected and malware anlysis is performed every time a potentially dangerous link is clicked. In this way, your organization's users are always protected—whether they access messages inside the corporate network, at home, on mobile devices, or on a public network.

Attack Remediation and Response
Another important component of Proofpoint Targeted Attack Protection is the Threat Insight Service, which provides a web-based dashboard that provides an easy-to-understand, graphical view of attacks.

It helps give administrators and security professionals the ability to identify targeted attacks, the scope of these attacks ("are they hitting just my organization or wider industry?"), which individuals are being targeted by the attacks, the nature of the attacks (malware, credential phishing, etc.), and what remediation actions, if any, are necessary.  

Live Webinar: Get a First Look at Proofpoint Targeted Attack Protection
Obviously, there's a lot more to Proofpoint Targeted Attack Protection than I can share in a single blog post.

If you're interested in learning more, you won't want to miss next week's live web seminar, "Spearing the Spear Phishers: How to Reliably Defeat Targeted Attacks" where we'll explain the challenges posed by targeted attacks, the new technology approach developed by Proofpoint, and give you a first look at Proofpoint Targeted Attack Protection.

I hope you'll join us on Wednesday, June 13th at 11 AM PT, 2 PM ET!

Click here to register for "Spearing the Spear Phishers" »

As we enter day two of the 2012 RSA Conference, Proofpoint issued a press release this morning (see, "Proofpoint Extends Data Protection and Information Governance Solutions to Address Cloud-Based File Sharing, Collaboration and Social Media") announcing new capabilities for Proofpoint Enterprise Privacy and Proofpoint Enterprise Governance, based on integration with popular cloud content management solution, Box.

According to the release, the integration between Proofpoint Enterprise solutions and Box will offer "enhanced security, compliance and control over documents shared via Box."

The integration is part of Proofpoint's ongoing strategy to help organizations better monitor and control the flow of information across all major data stores and communication channels, including cloud-based file sharing, collaboration and social media services. Read the full release here.

If you're at RSA, do make a point of coming by Proofpoint's booth (#850) in the Moscone Center exhibit hall where the team will be demonstrating some of the new capabilities. And while you're there, take our short survey and snag one of our cool "Email Me Your Credit Card" or "Open the Attachment" tees.

Information governance takes center stage as our live web seminar series continues on March 14, 2012 with "Manage and Govern Your Corporate Data - Wherever it Lives." Proofpoint archiving and governance experts Andres Kohn and Darren Lee will be joined by analyst Mike Osterman to discuss the business drivers behind information governance and the benefits of combining governance and archiving solutions to address a variety of regulatory and legal risks.

If you've been curious about the new Proofpoint Enterprise Governance solution, and the technology behind it, this is also a great opportunity to learn about what it does, how it works and how your organization can benefit.

All three of our speakers are terrific presenters and, as always, we'll save time to take your live questions. Registrants will also receive a link to a replay of the live event.

To register, visit this link - Manage and Govern Your Corporate Data - Wherever it Lives - or simply complete the form below:

We recently published a new report with Osterman Research, Making Office 365 More Secure and Compliant.

In this report, Osterman describes the various security, compliance and governance features of Microsoft Office 365, and identifies areas where those features may not meet the specialized requirements of organizations in highly-regulated industries or those enterprises with special security requirements.

There is also a good discussion of why the email archiving capabilities of Office 365, while useful, may not be sufficient to satisfy many of the common eDiscovery and regulatory obligations faced by large enterprises.

To download a complimentary copy of this report, follow this link, or simply fill out the mini-form below.

Complete this form to access a PDF copy of Making Office 365 More Secure and Compliant: 

In a press release issued today, Proofpoint announced that it has been positioned by Gartner, Inc. in the 2011 "Magic Quadrant for Enterprise Information Archiving." 

You can read the entire report, compliments of Proofpoint, by visiting:

http://www.proofpoint.com/email-archiving-magic-quadrant 

Writing in the Magic Quadrant for Enterprise Information Archiving, Gartner analysts Sheila Childs, Kenneth Chin and Debra Logan note that:

"The interest in archiving data using cloud or software as a service (SaaS) solutions has intensified," noting further that, "This deployment model is rapidly evolving, and organizations now have solid options for on-premises and SaaS or hybrid solutions. Hybrid solutions consist of some component (usually an appliance) that resides on-premises that can provide additional processing prior to sending data to the cloud, such as bandwidth throttling, encryption or data reduction. In addition, hybrid solutions can provide tight integration with Active Directory or the email system."

Gartner's Magic Quadrant report describes Enterprise Information Archiving (EIA) as follows:

"EIA is the next step in the evolution of archiving that incorporates new products and solutions for archiving user files (email and files on file shares) and, optionally, other content types such as instant messages, structured data and social media content. These products provide features such as data deduplication across content types, retention management, content indexing and at least basic tools for e-discovery, such as search and legal hold. Due to the complexity associated with managing multiple data types within an archive, EIA may more broadly encompass capabilities like federated archive repository management, while delivering common policy management for migration, retention and discovery."

At our recent "Proofpoint Inner Circle" customer events, we had a great opportunity to interview several of our enterprise customers about how and why they use Proofpoint Enterprise solutions for email security, data loss prevention, email encryption, regulatory compliance, archiving and electronic discovery.

I've collected several of them in this YouTube playlist. In these videos, representatives from Amalgamated, Liberty Health, PETCO, Graubard Miller, MED3000, Zions Bank and Scottsdale Healthcare share some of the reasons they rely on Proofpoint.

Thanks again to all of our terrific customers who took the time to share their stories with us... And you can find a lot more Proofpoint video content in our YouTube channel at http://www.proofpoint.com/youtube.

As regular Proofpoint watchers will no doubt have already realized, last week we launched an updated version of the www.proofpoint.com website featuring a new look and feel, completely revised product content, a refreshed resource center (where you can find a wide variety of datasheets, whitepapers and other collateral) and much more. 

A few updated features are still coming, including an updated look for this blog and the return of our "Security, Compliance and the Cloud News" service.  Stay tuned! If you're a recent or frequent visitor to the site, you may need to clear your browser's cache (or shift-click your browser's refresh button) to force your browser to download the very latest versions of files used and display the new site properly.

One of the most interesting new assets on the site is right on the home page:

Proofpoint's new brand video, "Defending the Ever-Changing Now" is a short, evocative (and cool-looking!) spot that explores the theme of how Proofpoint's solutions defend the "ever-changing now" — keeping enterprises safe from inbound threats (such as spam, phish, viruses, malware); guarding against leaks of private and confidential information; archiving information for legal readiness, governance, investigations, compliance and eDiscovery; and securely encrypting email communication.

You can watch it right here... and feel free to share it with your friends and colleagues.