Feeds

Marshal aims to secure laptop content

Will extend its messaging security to control PC files too

Protecting users from Firesheep and other Sidejacking attacks with SSL

Messaging security developer Marshal is to launch content security software for PCs - but there are questions over how it will work for remote users, as it will require users to be online before they can get permission to copy or share new content.

Marshal's email processing software uses deep content inspection to protect organisations against regulatory non-compliance and intellectual property theft by preventing users from emailing things that they shouldn't. In much the same way, the PC software will prevent them from copying confidential data onto a USB stick or iPod, said Ed Macnair, Marshal's CEO.

"You don't have a physical network perimeter that you can control any more," he said. "You take your notebook home and now you're the company perimeter. So we have to move into endpoint security, because unless you can secure the endpoint, you can't control your content."

He suggested that software to lock out the USB ports or block certain file types, for example, is either counter-productive or simply ineffective.

"Endpoint security is another busy segment, but people aren't doing it sensibly yet - you get draconian 'Thou shalt not' type messages," he said. "What we need to do is apply the same policies that you use at the edge of the network.

"Our rules look at the content, the context, they check for viruses and spam - we run 1800 checks on each email. It's not that 'John' can't send Word files, it's that he can't send out out personnel data. It depends on the sensitivity of the information, so it needs an endpoint that's content-aware."

Macnair acknowledged this means you need both metadata and policies: "We have taken technology from plagiarism-detection software, we call it document fingerprinting. You do have to tell the software what's sensitive," he said.

There is a problem, however - it's not practical to run what's in effect a full version of MailMarshal on a laptop, according to Macnair. That means a PC will only be able to authorise content that it's not seen before if it is online to the company's servers, which could be awkward for remote workers.

Macnair was speaking as Marshal announced two additions to its MailMarshal line - a hosted version for service providers, and a security appliance with the MailMarshal SMTP software pre-installed. As well as content inspection, he said that MailMarshal can protect against threats such spam, phishing, viruses, spyware and denial of service (DoS) attacks. ®

The next step in data security

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.