Just a quick note about recent news reports (such as PCWorld, "Huge Spamming Botnet Injured but Still Alive"and InfoWorld, "What it Takes to Shut Down a Botnet") about efforts to curtail the activities of the so-called Pushdo or Cutwail botnet. This network of compromised computers is suspected of being one of the largest sources of spam and malware-infected email (see the coverage I mention previously or this interesting study on that botnet, published by Trend Micro last year).
Late last week, security researchers contact ISPs that were apparently hosting various command and control servers used by the botnet in an attempt to shut the network down (not unlike the original takedown of botnets hosted by rogue ISP McColo). Apparently approximately 20 out of 30 of the C&C servers used by the Pushdo/Cutwail botnet were cut off from the internet, possibly having a short-lived effect on overall spam volume.
As other vendors have seen, spam fighters in the Proofpoint Attack Response Center tell me that Proofpoint's own spamtraps (sometimes referred to as "honeypots") have not seen a volume decrease, but noted that the volume pattern—the natural rises and falls in spam volume that accompany new spam campaigns—have been more "spikey", with bigger fluctuations between high and low volume than we are used to seeing. It's unclear if this behavior is at all related to activities around the Pushdo/Cutwail botnet.
As always, email volumes, especially those received by large enterprises, can fluctuate wildly. This is driven in part by general spam and malware sending activity, but also from attacks that attempt to target specific organizations whether they are attempts at denial-of-service, directory harvest attacks, or targeted phishing attacks.
This ongoing unpredictability is one of the key reasons that many organizations have (or are looking at) moving their inbound email security protection to a SaaS model. The rationale being, "Why worry about properly scaling your email and email security infrastructure to meet worst case scenarios when the same type of protection and control is available "in the cloud" at a much lower total cost-of-ownership?"
Today we released the latest edition of our Outbound Email and Data Loss Prevention in Today's Enterprise report, now in its seventh year. As always, this report contains a huge number of interesting findings. Check out the video preview, above, for just a few of the top findings. This year, IT decision makers from 261 large US enterprises (all with 1000 or more employees) responded to our survey, conducted with the help of Osterman Research.
You can find more highlighted findings about how large enterprises manage data loss risks in our press release. Better yet, download the complete report, by visiting http://www.proofpoint.com/outbound.
I'll be blogging more about this throughout the week, but here are just a few of the most interesting findings:
Proofpoint found that, despite a growing awareness of data loss risks, large enterprises continue to be impacted by data loss at a surprising rate:
36% of respondents said their organization was impacted by the exposure of sensitive or embarrassing information in the past 12 months.
31% of respondents said their organization was impacted by the improper exposure or theft of customer information in the past 12 months.
29% of respondents said their organization was impacted by the improper exposure or theft of intellectual property in the past 12 months.
Enterprise concerns and data loss events from social media continued to rise in the past 12 months:
Social Networking Sites (such as Facebook and LinkedIn): 20% of companies investigated the exposure of confidential, sensitive or private information via a post to a social networking site. 7% of companies terminated an employee for social networking policy violations. Twenty percent disciplined an employee for such violations. 53% are highly concerned about the risk of information leakage via social networking sites. 53% explicitly prohibit the use of Facebook, while 31% explicitly prohibit use of LinkedIn.
Blog and Message Board Postings: 25% of companies investigated the exposure of confidential, sensitive or private information via a blog or message board posting. 11% of companies terminated an employee for blog or message board posting policy violations. 54% are highly concerned about the risk of information leakage via blogs and message boards.
SMS and Web-Based Short Messaging Services (such as Twitter): 17% of companies investigated the exposure of confidential, sensitive or private information via one of these services. 51% are highly concerned about the risk of information leakage. 49% explicitly prohibit the use of Twitter.
Media Sharing Sites (e.g., YouTube, Vimeo): 18% of companies investigated the exposure of confidential, sensitive or private information via shared video or audio m5edia. 9% of companies terminated an employee for media sharing/posting policy violations. 21 disciplined an employee for such violations. 52% are highly concerned about the risk of information leakage. 53% explicitly prohibit the use of media-sharing sites.
Financial services firm National Financial Partners has been a long-time user of Proofpoint's SaaS email archiving solution and, more recently, also deployed Proofpoint's SaaS solutions for inbound and outbound email security.
Dán Salomon, NFP's Senior Vice President of Technology, kindly took the time to speak with me about how his organization uses Proofpoint's SaaS solutions and why he feels that performing email archiving and email security functions "in the cloud" is more secure than taking an on-premesis approach. Beyond the cost advantages of SaaS, Dán explains the other business drivers for adopting Software-as-a-Service in this video (recorded on location at Proofpoint's 2010 "Inner Circle" customer event in New York).
My thanks to Dán and NFP for his willingness to discuss his approach and for allowing us to share this interview here!
As part of our launch this week of a major update to Proofpoint Enterprise Archive, our SaaS email archiving solution, Proofpoint has licensed a great new report from analyst firm Gartner. According to this report:
"Organizations are drowning in e-mail and often find it difficult to get the problem under control. Very few companies have a comprehensive and well-enforced e-mail retention program which determines what messages are kept and for how long.
A message retention program, however, is becoming a business necessity as organizations struggle to comply with external regulatory requirements, internal records management needs, demands for e-mail discovery to support litigation efforts and demands from users for preservation of legitimate business messages."
We're excited to announce a new update to Proofpoint Enterprise Archive, our SaaS email archiving solution today, along with several new email archiving resources.
Pictured at left is our updated datasheet about Proofpoint Enterprise Archive, which has been enhanced with information about the latest features. (You can click the image to snag a PDF copy.)
The new version adds full support for Microsoft Exchange Server 2010, including support for Outlook Web Access, access to stubbed attachments and advanced search capabilities.
It also supports organizations that are migrating from earlier versions of Exchange—or that have complex email environments—because it's compatible with environments that use multiple Microsoft Exchange server versions including 2003, 2007 and 2010.
One of the primary benefits of Proofpoint Enterprise Archive is that it helps reduce legal discovery risks and costs. By providing a secure, searchable repository of all email messages, Proofpoint's email archiving solution makes it easy to perform early case assessments, instantly preserve data in active legal holds and enforce email retention policies.
“eDiscovery is critical to our firm, as attorneys must be able to store and search email records quickly during the legal hold stage at the beginning of the litigation process,” says Proofpoint customer Steven Heller, director of technology for law firm Graubard Miller (for more on the benefits Steven and his firm have realized, see this previous blog post). “We continue to trust Proofpoint for our archiving needs and are thrilled with its ability to generate search results in near-real time. New legal hold features will empower our team to track and identify key information faster and easier than ever before.”
The new release includes a variety of enhancements to help streamline the eDiscovery process:
Proofpoint Enterprise Archive’s active legal hold capabilities allow attorneys and staff to instantly preserve data in legal holds, in contrast to inefficient, manual, methods that are difficult to track and audit and increase legal risks of data spoliation.
Enhanced eDiscovery capabilities make it easier for legal teams to search data in near real-time to prepare for HR, regulatory or litigation issues. Proofpoint Enterprise Archive now supports data export to EDRM XML, a standard format used in the legal industry to simplify the movement of archived data to other legal analysis tools. New search capabilities also benefit end-users who can more easily perform complex searches of their own archived email.
Proofpoint Enterprise Archive includes compliance and supervision features for industry-specific rules and regulations such as FINRA, GLBA and HIPAA, as well as SEC policies for email storage. For organizations with supervisory compliance requirements (such as compliance with FINRA rules) Proofpoint Enterprise Archive now makes it easier to handle larger groups of supervised users, perform supervision searches and randomly sample data for auditing purposes. An enhanced supervision workflow allows records managers and compliance officers to more easily manage multiple supervision queues.
You can learn more about the solution in our complete press release... And see my next blog post for the link to a new Gartner report on email archiving strategies...
In a press release issued today, Proofpoint recapped quarterly results from Q2 2010, announcing 7 years (28 consecutive quarters) of increasing quarterly revenue. As we've seen in previous quarters, data privacy and regulatory compliance concerns were an important driver for new business once again.
Proofpoint CEO Gary Steele said that, “There are four key issues driving enterprise IT security spend right now—an increasingly sophisticated spam and malware threat landscape, urgency around protecting consumer and data privacy, pressure to address electronic discovery issues and a realization that SaaS can greatly reduce security and compliance costs. Proofpoint’s solutions are ideally suited to meeting these needs.”
Regular readers of this blog will recognize that the trend toward more strict data protection regulations and increasing eDiscovery needs isn't particularly new. However, one very interesting new trend reported in Proofpoint's latest release is that the Federal market for SaaS solutions is definitely heating up.
One new deal mentioned in the press release is the adoption of Proofpoint's SaaS email archiving solution by a large US Federal agency for an initial 6000 mailboxes with plans to eventually roll the solution out to archive email for more than 70,000 of the agency's employees.
Commenting on the deal, Steele says, “To date, Federal agencies have been extremely cautious about adoption of SaaS solutions and this deployment of Proofpoint Archive will be among the first and largest SaaS deployment—of any kind—in the Federal market. The selection of Proofpoint is a strong validation of the unique security, reliability and scalability features of our SaaS architecture and applications.”
There's been quite a bit of news coverage recently about Federal adoption of cloud computing-based solutions—for example, the ongoing battle between Google and Microsoft to provide email hosting services for 15,000 employees at the GSA (see, "Google cloud-computing applications get certification for federal government use," in Sunday's Washington Post for just one example).
"Over the years, Proofpoint has gained strong momentum in the public sector, protecting more than one million government email inboxes including many federal civilian agencies, department of defense organizations such as the US Coast Guard, and the intelligence community. By achieving important information assurance certifications such as NIAP’s Common Criteria EAL2+ and NIST FIPS 140-2, Proofpoint is trusted to protect mission-critical applications and mitigate risk through its email security, archiving and data loss prevention solutions. "
Of course, it's not just the Federal government market that's moving to SaaS: Enterprises in the private sector continue to move to SaaS. As just one example, Proofpoint's release notes that the number of messages under management by its SaaS email archiving solution doubled in the past 12 months and that this trend is accelerating.
For more on the trends that drove Proofpoint's revenues to record levels once again, see the full press release:
A couple of recent video interviews featuring Proofpoint execs hit the web recently:
Proofpoint CEO Gary Steele talks with SC Magazine reporter Angela Moscaritolo about recent merger and acquisition activity in the IT security space. Gary talks about the need for security vendors to make their solutions available as SaaS – and the difficulty of building such functionality “from scratch” – as one of the key drivers. You can watch the full video here:
Proofpoint's director of channel marketing, Dave Crilley, discusses the value propositions for IT security solutions "in the cloud" and addresses some of the issues that the reseller channel faces in selling SaaS solutions in this interview with ChannelWeb's senior security editor, Stefanie Hoffman. You can watch the full video here:
[Updated July 6, 2010: Complete multi-part interview is now online.]
Proofpoint CEO Gary Steele (pictured at left) recently spoke with entrepreneurship blogger and Forbes writer, Sramana Mitra at length about his background, Proofpoint's business and trends around email security, SaaS and other topics related to the enterprise markets that Proofpoint serves.
The first part of Mitra's multi-part interview is now posted at sramanamitra.com. In segment one of "Rolling Up Email Security SaaS," Gary talks about his early background, education and how he made the leap from the engineering world to high-tech marketing to CEO and how he came to join Proofpoint in its pre-funding days.
Read the interview here: "Rolling Up Email Security SaaS, Part 1," Gary Steele in conversation with Sramana Mitra. Even though I know Gary pretty well, I learned a few things about him by reading this and look forward to the rest of the series.
Update 7/6/2010: The rest of this series is now online at Sramana Mitra's site. I've put direct links to all six parts below, along with short notes about the topics covered:
The corporate business division of Swisscom, the leading telecommunications provider in Switzerland, announced today that it has entered the cloud computing / Computing-as-a-Service market with a new family of on-demand IT offerings that include cloud-based computing, storage and email archiving features powered by leading SaaS vendors, including Proofpoint.
Swisscom's Cloud Services (see http://www.swisscom.com/cloud for more information) allow companies to build up their computing and storage capacity at any time, without having to make investments in IT infrastructure or specialized staff. The three main components of Cloud Services are:
Computing-as-a-Service (CaaS), provided in collaboration with Verizon.
Secure Storage, which offers on-demand storage powered by Nirvanix.
Quoted in Proofpoint's press release about the new partnership, Roger Wüthrich-Hasenböhl, head of marketing and sales for Swisscom Corporate Business, said that they chose to partner with Proofpoint because of the security, performance and TCO benefits delivered by Proofpoint ARCHIVE.
“Today’s enterprises are looking to cut costs and improve efficiency without sacrificing quality or security and Swisscom’s customers expect the highest levels of service quality, availability and stability. As a high-security, high-performance, low total-cost-of-ownership solution, Proofpoint’s email archiving product was the perfect fit for our portfolio of cloud-based services,” he says.
In it's own announcement, Swisscom Corporate Business highlighted the litigation/regulatory audit readiness, and security benefits of Proofpoint's solution, noting that it offers, "unlimited scalability and mail data are stored such that they are unalterable and therefore audit-compliant."
Swisscom is the newest channel partner for the Proofpoint ARCHIVE solution, which is also sold through Microsoft Online Services and other Proofpoint channel partners. Proofpoint's CMO, Peter Galvin, noted that Proofpoint's SaaS email archiving, email security and data loss prevention solutions are, "an ideal value-added offering for service providers and ISPs looking to broaden their cloud-based service portfolios."
OEMs and resellers interested in including Proofpoint solutions as part of their own cloud-based initiatives should contact partners@proofpoint.com for more information.
To learn more about the cost and security benefits of moving email archiving to the cloud, download the Osterman Research whitepaper, Email Archiving: Realizing the Cost Savings and Other Benefits from Saas by visiting:
We've had a couple of recent reviews of Proofpoint's email security solutions and wanted to share them with you here.
First up, Proofpoint was reviewed in the March 2010 issue of SC Magazine (this review appeared in both the US and UK editions at different times) and we've licensed a reprint of that review, which you can download in PDF format at the following link:
Proofpoint scored a perfect 5-star review for features, performance, ease-of-use, documentation, support, value for money and overall rating.
Secondly (and I may have mentioned this previously), eWeek's David Strom took a close look at our SaaS-powered email encryption solution, Proofpoint Encryption, which turned into a more of a full-featured review of our entire email security solution.
You can read that review online at eWeek at the following URL:
In that review, Strom points out many of the unique features of Proofpoint Encryption, the power of Proofpoint's email policy engine, DLP features and much more. Of our email security solution as a whole, he says, "The bottom line is that [Proofpoint] Protection Server is a worthwhile product (or service, if you purchase the Web version) that you may want to look at if your existing e-mail system is ready to be replaced."
