Proofpoint: Security, Compliance and the Cloud

In this digital age, our smartphones tend to know more information about us than say, our great Aunt Suzie. From your name and location to the interests of you and your closest friends; all of this information is readily available to advertisers and marketers the moment you accept the terms and agreements of certain mobile applications.

The accessibility of such data has sparked a continued dispute between consumer groups and online marketing firms over the access of user information via mobile applications.

On July 12, the National Telecommunications and Information Administration (NTIA) will host the first of several meetings in an effort to develop new codes of conduct for handling private consumer data on the internet and on mobile networks. The meeting will focus primarily on mobile application security and provide a chance for industry stakeholders to voice their concerns regarding access to private consumer data.

The upcoming meetings stem from a Consumer Privacy Bill of Rights released by the Obama Administration in February of this year. Instead of calling for new privacy standards, Obama’s Bill of Rights calls for a multi-stakeholder process to develop general rules and regulations. The process has generated skepticism about whether this system will incorporate the desires of all publics fairly, most importantly the consumers.

The start of the NTIA meetings could not come soon enough. Recent episodes of mobile applications illegally downloading user information has heightened the need for defined mobile privacy standards. The issue of mobile security now goes beyond simply the applications to also include the advertisements shown within them.

As we watch to see if an outcome can be achieved at the NTIA meetings, it will be interesting to see how these standards will reflect on the corporate side of the equation. Right now, companies must decide for themselves which security features to implement for their employees. This increasingly means creating mobile security applications that encrypt, archive, and protect company data on an employee's smartphone will likely become a corporate necessity.

For a while now, Proofpoint Enterprise Archive users with iOS or Android mobile devices have had access to a free, handy app — Proofpoint Mobile Archive — that lets them access their archived messages and perform archive searches "on the go."

Now, BlackBerry users (yes, there are still some of us out there) have a similar app for their devices. Get the brand new Proofpoint Mobile Archive for BlackBerry from BlackBerry AppWorld now.

This short video gives a quick overview of the new app:

From the "you asked for it, you got it" department: Previously available only on the Apple iOS (iPhone, iPad) platform, our Proofpoint Mobile Archive app is now available for Android devices.

The Proofpoint Mobile Archive app lets users of Proofpoint Enterprise Archive (our cloud-based email archiving solution) access their archived email from anywhere, at any time. The app lets you search your entire email archive from your iPhone or Android device, allowing you to quickly find messages, view message details, and retrieve messages to your inbox. 

 The new Android version of this app is part of the latest release of the Proofpoint Enterprise platform (announced today in our press release here).

Mobility is a big theme of this new release and, in addition to the Android version of the Mobile Archive app, the release includes enhancements to Proofpoint's support for mobile email encryption and decryption (which were already very strong). The enhanced mobile decryption user interface takes advantage of the latest smartphone and tablet technologies to display a web interface that looks and feels like a native application, making it even easier for Proofpoint Encryption users (and any recipient of a Proofpoint-encrypted email message) to decrypt, read, and respond from mobile devices.

This video overview demonstrates the iPhone/iOS version of the Proofpoint Mobile Archive app, and how it enables anytime/anywhere access to archived messages:

This next video demonstrates the previous version of the "decrypt assist" features of Proofpoint Encryption, which allows any email recipients on any mobile smartphone or tablet with a web browser (including Android, BlackBerry, iPhone and Windows 7 Phone) to easily decrypt and respond to messages encrypted with Proofpoint Encryption:

And while it's not part of today's announcement, I wanted to remind Proofpoint Enterprise administrators that our Proofpoint Mobile Dashboard app (currently available for Apple iOS devices) gives you access to global spam stats, the status of your support tickets and other information on your Proofpoint Enterprise deployments:

Learn more about the latest features of Proofpoint Enterprise in today's press release, "Proofpoint Extends Mobile Enterprise Offerings."

In a special mobile security edition of SC Magazine, Clayton Homes demonstrates how they are leveraging Proofpoint to increase email security.

Clayton Homes, established in 1934 and acquired by Warren Buffet in 2003, is the largest manufacturer of mobile, modular, and manufactured houses in the United States.  In order to keep in touch with its customers at all times, Clayton Homes encourages its employees to use consumerized IT devices to send and receive emails.  These email messages often contain sensitive data such as financial, manufacturing, and proprietary designs that could lead to a loss of customer confidence and regulatory compliance fines if stolen or lost.

After evaluating several solutions, Clayton Homes chose Proofpoint Enterprise Protection (SaaS email security) and Enterprise Privacy (data loss prevention and email encryption) to help manage the substantial security and compliance risks posed by mobile email. 

Jodie Swafford, information security manager at Clayton Homes, noted, “We looked for one that was cost effective and could provide us with strong security and compliance across multiple mobile platforms as well as offer control, flexibility and scalability.”

Proofpoint Enterprise Protection helps to prevent spam, viruses, malware, and phishing for inbound and outbound email while Enterprise Privacy defends against leaks of confidential information and ensures compliance with common international, industry and US data protection regulations.

Swafford outlined how easy it was to start protecting sensitive data, “With Proofpoint, we were able to use out-of-the-box rule sets, tweak them slightly as needed, and even create custom rules for different business units.  Once rule sets were defined, we really only need to turn Proofpoint on.  It immediately began governing all email communications at the rate of thousands per day.”

As with many of our customer cases, Proofpoint’s products can help reduce overall costs by lowering time spent on IT administration, saving employees from time spent sorting spam and preventing data breaches and regulatory fines.

Click here to read the full case study (reprinted from SC Magazine) and as all always, you can check out our Learning Center for more.

The team staffing the Proofpoint booth (stand #F50) at Infosecurity Europe 2011 tell me that they've been having a great show with a lot of traffic to the booth and some terrific interactions.

One thing that seems to be a huge hit is our Infosec security survey. If you drop by the Proofpoint stand and take our short online survey on email security, encryption and mobility issues, you'll be entered into our drawing to win an Apple iPad 2. With one more day to go, there's still time to enter!

 As I write this post, I see that our survey has fewer than 400 responses so far... so your chances of winning are quite good. One of the things we're asking attendees is whether their organization has deployed an email encryption solution. The chart below shows the live results from that question so far:

In other Infosecurity Europe related news, yesterday at the show Proofpoint and IT services company brightsolid announced a channel partnership whereby brightsolid will offer Proofpoint's cloud-based email archiving, email security and data loss prevention solutions in the UK. 

That partnership off to a terrific start with publishing company DC Thomson already having signed a multi-year subscription to Proofpoint's email security and archiving solutions through brightsolid.

Tuesdays often bring new music and movie releases, Microsoft patches and, here at Proofpoint this particular Tuesday brings some new mobile apps and video demonstrations of the same.

In my previous blog post, I mentioned we'd be drilling down on some of these new features. In these short videos, Proofpoint product marketing manager Namson Tran walks us through the highlights of our mobile archiving, mobile dashboard and mobile encryption capabilities. Check it out!

This is the Proofpoint Mobile Archive app, which extends Proofpoint Enterprise Archive to iPhone users, allowing for search anytime, anywhere...

Proofpoint administrators can use the Proofpoint Mobile Dashboard app to keep up with Proofpoint news and global spam detection effectiveness, status of their support tickets and view information on their Proofpoint Enterprise deployments:

Making on-the-go access to encrypted email easy for mobile users is another goal of Proofpoint Mobile and here, Namson demonstrates the Proofpoint Decrypt Assist features of Proofpoint Encryption. Decrypt Assist works with any mobile smartphone with a web browser (including Android, BlackBerry, iPhone and Windows 7 Phone)...

To learn more about the capabilities of Proofpoint Mobile, see our new information page here.

And Android users, we've heard your requests for 'droid versions of Proofpoint apps... but it never hurts to share your requests once again. Let us know what platforms and capabilities you'd like to see Proofpoint support in future apps by commenting here in the blog!

Tons of new stuff to report on at Proofpoint this week, so stay tuned to the blog for more. But first up, today we announced a whole set of updates to our mobile-related security and compliance technologies, rolled up into a family of applications and features we call Proofpoint Mobile.

Rather than rattle off the details here, I'll let Proofpoint CEO Gary Steele run it down in less than three minutes. In our latest CEO series video, Gary explains why mobile is an important part of Proofpoint's development strategy and gives some highlights of today's announcement:

Apple iPhone (or iPad) users can grab their copy of the new Proofpoint Mobile Archive app and the Proofpoint Mobile Dashboard app (previously announced, but maybe you missed it), free from the iTunes app store starting today.

Users of practically any mobile smartphone with a web browser (including Android, BlackBerry and Windows 7 Phone) will benefit from the "decrypt assist" feature we've added to the latest version of Proofpoint Encryption.

I'll be drilling down on the details of these apps and features (including video demos) in my next blog post...

Missed a previous CEO Series video? Find them all here »

As expected, our friends at Apple unveiled the iPad 2 today... and with it, tablets are starting to look like really serious computing devices. (Check out Engadget's coverage of today's launch for some examples and the basic facts on this new device.)

Expect Apple's latest volley in the tablet computing wars to once again accellerate the "consumerization of IT" in your enterprise. (For examples of enterprise iPad adoption and a little discussion of the potential risks, see USA Today's "More companies put iPads to Work", where our own Gary Steele is quoted.)

As we're seeing with social media tools, tablets and other mobile computing devices represent technologies that enterprise IT departments need to come to grips with, using a combination of policy and technology.

So, I wanted to use this event as a reminder that, if you haven't revisited your organization's remote access/mobile devices and storage policy lately, perhaps its time to do so. (And our 2010 research on this topic - see pages 13-15 of our Outbound Email and Data Loss Prevention in Today's Enterprise report - shows that nearly 10% of large organizations haven't formalized such policies.)

Of course, devices like the iPad 2 can be extremely useful for enterprise IT and security professionals with more and more vendors providing mobile apps that help with administration, monitoring and other features of enterprise software products.

Proofpoint, for example, currently offers the Proofpoint Mobile Dashboard app for iOS devices that lets Proofpoint Enterprise admins view status of their Proofpoint deployments, track support inquiries, etc. (Follow the previous link or search the iTunes store to get your copy - it's free!)

And not to get all Steve Jobs on you, but watch this space for more Proofpoint mobile-related news in near future... Me, I gotta get over to the Apple store and order a new iPad...

If you're a Proofpoint customer with an Apple iPhone or iPad, you might be interested in our latest offering, the Proofpoint Mobile Dashboard iPhone app, now available free of charge in the Apple iTunes app store!

With the Proofpoint Mobile Dashboard, you can connect to the latest Proofpoint news and review Proofpoint's global anti-spam effectiveness over the past 20 and 90 days.

More importantly, if you're a Proofpoint administrator, the app lets you connect to Proofpoint's CTS support system to check in on the status of any calls in your support queue. If there are Proofpoint Enterprise clusters (performing inbound email processing) associated with your account, you can also see performance information for those servers.

This is the first version of our mobile app and I expect the development team will be adding many more features over time to support other Proofpoint products and features.

Download the app and stay tuned! Feel free to share your feedback with our app development team by emailing support-iphone@proofpoint.com.

Link: Proofpoint Mobile Dashboard in the iTunes App Store