Enterprise Gateway Confidential Data Control
MailMarshal and WebMarshal provide protection by acting as a gateway between an organization and the Internet. They allow an organization to restrict, block, copy, archive and automatically manage the sending and receiving of content.
MailMarshal can manage emails based on:
- specified attachment types (block, restrict or strip attachments)
- user-defined keywords with the lexical text censor (quick and effective method to block viruses or prevent the distribution of confidential material)
- viruses, Spam, virus hoaxes, chain letters and other forms of unsolicited email
- messages larger than a specified size
- messages with a specified number of recipients or attachments
- relay attempts (or allow relays from specific domains/addresses)
- the message source or destination
Corporate usage policy is enforced through customized content filtering of incoming and outgoing email and attachments. Comprehensive reporting of use and attempted abuse gives the organization the knowledge to ensure policy compliance and best use of email.
MailMarshal has an entirely different function from traditional network security products such as firewalls. Firewalls control who has access. MailMarshal is a content security product controlling what has access.
Business protection features
- confidentiality protection
- legal liability protection
- reduction in lost productivity/non-business use
- spam, relay, virus hoax and unsolicited mail protection
- secure private or commercially sensitive email communications MailMarshal Secure
- goodwill and company image assurance
Network protection and ease-of-use features
- virus protection
- reporting/logging
- bandwidth conservation
- cost apportioning
- ease of administration and fault diagnosis
Acceptable Use Policy
Before using Internet Content Security tools, such as MailMarshal or WebMarshal, you should establish an Acceptable Use Policy (AUP) and inform employees of their responsibilities and rights regarding company network resources. This should include addressing issues with email and Internet use. MailMarshal and WebMarshal allow you to monitor and enforce compliance with an AUP. Establishing this policy can also provide a clearer idea of how you can configure MailMarshal.
Consider addressing the issues below when developing an AUP. Though not intended to be rigid policies, they address areas relevant to Internet use, including email and Internet browsing.
Acceptable use
Email is an organizational tool provided for business, research or educational use. Employees are responsible for using this tool to facilitate company business. They should not have an expectation of privacy in anything they create, store, send or receive on their computer. The adoption of an AUP will be much smoother if users are educated on acceptable use.
Personal use
Many organizations find that by allowing limited personal use of the Internet and email, employees are more productive than if they are completely prohibited.
If you do allow some personal use, your AUP should specifically address which types of information are acceptable (e.g. joke of the day online shopping, stock trading, etc.).
Unacceptable use of the Internet
Common examples of prohibited use include transmitting, storing or receiving communications that are discriminatory, harassing, obscene or X-rated, abusive, profane or otherwise illegal.
Confidential information
Proprietary information should not be divulged improperly. Highly confidential information, such as company trade secrets, new product plans and sensitive customer or employee information should not be sent out via email or the Internet without encryption. This is typically more a concern for corporate email but accidental confidentiality breaches have occurred via web-based email.
WebMarshal allows you to prevent users from uploading confidential documents to web-based email accounts, which would effectively circumvent email filtering.
Responsibility
You should inform employees that they could be held responsible for the content of all communications they store or send using email or the Internet. All email should be identified with a name or email address; employees should not attempt to hide their identity or place someone else's identity on company communications (spoofing).
Copyright
Employees should also be informed about copyright issues relating to electronic copies of documents obtained via email or the Internet.
Monitoring and enforcement
If a company plans to monitor or otherwise enforce the AUP, this should be clearly stated in the policy. It should also state that all communications sent or received via email and/or the Internet are the property of the company, which reserves the right to monitor all messages/files on the company's network.
By informing users about the AUP, you get a number of benefits, including:
- an enforceable AUP
- limited liability if you face litigation over staff misuse
- heightened awareness to prevent accidental virus intrusions or confidentiality breaches