Province combats e-mail explosion
NU Zakelijk
News
MDES in the media
NU Zakelijk
Province combats e-mail explosion
Author: Maarten Keswiel
Zeeland Province is said to have found a method to prevent the e-mail system expanding to bursting point. E-mails are now archived smarter, reports the Province on Tuesday.
Specially designed software filters all e-mails according to type and determines how they have to be stored. "Our e-mail mountain has been growing at a rate of 416 percent per year, but now we known exactly what information should and should not be saved," says André Roelse, Head of ICT for the Province.
According to André Roelse, an additional e-mail server was not an option because this would make the system too complex. "We want a smart solution that will relieve the burden on our e-mail server by storing essential e-mails in another environment."
Type
The province commissioned an analysis of the types of documents in circulation in the organization. "This analysis showed precisely which information needs to be stored and in which way," says Frank Bertram, CEO of MDES, the company that implemented the new system.
There are numerous advantages according to Frank Bertram: "Management is simpler, there are savings on back-up media, the back-up and restore is quicker, there is more control over the files and the province knows that the regulatory requirements on storage management are met."
You should know where your data are!
Automatisering Gids, 21 December 2007
Author: Frank Bertram, Director, MDES
In the Automatisering Gids of 2 November, Rolf Zaal describes the innovative Jericho security concept from Capgemini. The 11 Jericho principles are based on the concept that it makes no sense to secure an organization like a fortress; this is outdated. It is an illusion to think that you can board up your company with a 100 percent security guarantee. Even with the most advanced endpoint security solution, this is utopia.
Companies have spent lots of money on security, even on endpoint security, for example, on Identity and Security Management and still there are information leaks. The enormous investment is still not sufficient. This is because users can get around security mechanisms with a USB flash drive and in other ways, and extract data from systems.
In the end, it’s people who work with systems. And people make mistakes, they sometimes break the rules, they perhaps forget about the rules, or they can’t be bothered to read the thick manual of Sarbanes Oxley security regulations. People are a crucial factor in the effective security of an organization.
Within an organization, you have to focus security on the endpoints, where information can be extracted from an organization. By doing so, you create an open and workable organization which is also secure provided a twelfth principle is added to Capgemini's principles: You shall know where your information can be found.
An overview of your information is a determining factor in the security of an endpoint solution. Companies, however, often don’t know where information is to be found, let alone where the most important information is located. That was the past, and you can even question whether this information belongs to the organization. If you don’t know what information you have, how can you prove that your own the information?
Apart from the fact that this twelfth principle is missing from the Jericho principles of Capgemini, there’s something tangible missing in the plans. There are good practical endpoint security solutions on the market. Not only expensive IDM solutions from Novell, Oracle and Microsoft, but also endpoint solutions in encryption, such as SafeBoot, or solutions in Digital Rights Management, such as from Liquid Machines.
It is not sufficient to know where your information is, you also need to know what has been done with the information. For example, a solution on the market from Verdasys logs what users do with specific information. Other solutions in Data Leakage Prevention (DLP) are Vontu (Symantec), Proofpoint and Tablus (RSA). As soon as deviating patterns of information use becomes apparent, action needs to be taken.
In addition, it is also important to educate users to handle information in a safe and secure way and also in a subtle way. It would not be so smart to incorporate the 12 Jericho principles into a list for users. But with a software solution, you can subtlely address undesirable behaviour. That generally works better than a tap on the hand.
Author: Frank Bertram, CEO research and consultancy MDES HotColdFrozenData
