Professional Documents
Culture Documents
Introduction
Email is a great business tool. It’s fast, cheap, universal and easy to deploy.
However, companies that make use of email are confronted with a number of risks.
Viruses and spam are the most obvious risks. Viruses can cause down time, loss of
productivity and in the worst case can expose confidential data. Spam is not only
offensive and annoying; it causes loss of productivity, decreases bandwidth and costs
companies billions of dollars each year. Legal liability is another cause for concern.
Several high-profile lawsuits with multi-million dollar penalties have highlighted the
fact that companies are liable for the contents of the emails that are sent over their
network. Therefore, every smart company that uses email must take measures in
order to stop, or at least minimize the effect of these email risks.
Companies that make use of email face the following potential risks:
#1. Lost productivity & network congestion
Employees sending personal emails and sifting through spam mail can cause major loss
of productivity. For example, if each employee takes 5 seconds to view a spam mail,
based on an average salary of 25 dollars per hour, this will cost the employer 3 cents
per spam mail. If every employee received 25 spam mails per day, spam would cost a
company with 100 users no less than 20,000 dollars per year. In addition to spam and
personal emails, viruses can also lead to network downtime and in turn cause lost
productivity.
#2. Legal liability
In most cases the employer is held responsible for all the information transmitted on or
from their systems. Consequently inappropriate emails sent on the company network
can result in multi-million dollar penalties. In the last few years there have been several
high profile lawsuits such as the case against a global oil company filed by four female
employees. The employees alleged that sexually harassing emails sent through the
company email system caused a threatening work environment. One of the sexually
offensive messages was a ‘joke’ sheet entitled ’25 reasons why beer is better than
women’. The company settled the case for no less than 2.2 million dollars.
#3. Damage to reputation
There is no doubt that the contents of corporate emails reflect on the business. A
badly written email, or an email containing unprofessional remarks will cause the
recipient to gain a bad impression of the company the sender is representing. UK law
firm Norton Rose had to find this out the hard way when two of their employees
originated the ‘Claire Swire’ email, a sexually explicit email that ended up being read
The first step in securing your company from email risks is to create an email policy
that sets out all the do’s and don’ts regarding the company’s email system. Next,
you must enforce your email policy by distributing it amongst your employees and
educating users in their email use. Finally, you require content checking software
that filters your internal and external email traffic in order to enforce your email
policy.
Policy Patrol is a comprehensive email filtering tool that offers anti-spam, virus
checking, keyword filtering, attachment blocking, disclaimers, compression and many
more email management features. Policy Patrol is one of the few products that can
filter internal emails (if installed on Exchange server 2000, 2003 or 2007). The
product is used by internationally renowned companies such as Nissan, USA.net,
Targus, Canadian Pacific Railway, Lotto, Fujitsu Services (Central Government
customer), Daewoo and many more. Policy Patrol helps you protect your company
against the email risks in a number of ways:
Policy Patrol minimizes lost productivity and network congestion by blocking spam,
viruses, compressing attachments, delaying large attachments, filtering personal
mails and producing usage reports.
Anti-spam
Policy Patrol combats spam by using multiple spam filtering methods and sorting
spam messages into a known spam or suspected spam category, allowing you to
only concentrate on reviewing suspected spam and avoid wasting any time on known
spam messages. Users can view, delete and deliver their own spam messages via a
web console and a quarantine report that is sent at regular intervals via email. It is
also possible to forward messages to the junk mail folder if preferred.
Anti-virus
With the Kaspersky™ Anti-Virus add-on module, Policy Patrol scans messages &
attachments for known and unknown viruses, email exploits and malicious scripts &
macros. Kaspersky™ Anti-Virus includes a sophisticated Code Analyzer that detects
harmful instructions in a code and can therefore block viruses and malicious scripts
even if they are still unknown. Policy Patrol can attempt to clean infected messages
and if the virus cannot be cleaned, the infected part of the message (attachment or
HTML body) can be deleted. You can also configure rules that further process mails
with viruses or suspected viruses. For instance, you can notify the sender that their
message was deleted, or add the sender's email address to a 'Virus senders' filter.
Compression
Policy Patrol can help you save bandwidth and storage space by automatically
compressing large attachments. By using conditions you can configure Policy Patrol
to only compress attachments of a certain size, or attachments of a certain type.
Delaying emails
If messages contain large attachments, you can decide to delay them and deliver at
off-peak times. This will save you valuable bandwidth and will stop your mail system
from getting blocked. You can apply the delay rule to certain users or groups and/or
exclude users or groups, for instance management. Furthermore, you can configure
a notification message to be sent to the recipient, sender, user’s manager and/or
Administrator, stating that the message has been delayed. If the message is urgent,
the moderator can decide to deliver the message straight away.
Reporting
By viewing reports on the type and size of attachments that users send and receive,
it is possible to identify heavy users of the email system. This information can also
help determine whether the usage is likely to be personal or business related.
Moreover Policy Patrol reports include information on the amount and type of rules
that users triggered, which can also help identify bottlenecks.
Legal liability
Legal liability can be reduced by adding legal disclaimers and making sure that no
offensive or inappropriate emails are either sent or received by the company.
Keyword filtering
Policy Patrol can filter messages for offensive words and phrases. If an inappropriate
word is found, Policy Patrol can quarantine the message and send a notification to
the sender, recipient, user’s manager, Administrator or another email address. The
notification can include details of the quarantined message such as subject, sender
and recipient. Upon accepting or rejecting the message, notifications can be sent to
the sender, recipient, user’s manager, Administrator or another email address.
Disclaimers
Apart from searching for and quarantining emails with offensive words and phrases,
Policy Patrol can reduce a company’s liability by adding disclaimers to emails.
Although a company is ultimately responsible for the actions of its employees,
including the content of any emails they send, a disclaimer can decrease liability; if a
company can show that it has correctly instructed its employees not to send
libellous, inappropriate or defamatory statements this could help in disclaiming
responsibility if an employee breaches these rules. Policy Patrol adds disclaimers at
server level and provides companies with a sophisticated tool for implementing a
well-planned disclaimer strategy. By offering user and group based disclaimers
(optionally with user exceptions), and by differentiating between internal and
external mails, Policy Patrol allows companies to add different disclaimers in different
situations and therefore increase the effectiveness of the disclaimer notice.
Damage to reputation
Policy Patrol can protect against this threat by content checking emails for offensive
content and adding disclaimers to messages.
Keyword filtering
By quarantining messages with offensive or inappropriate words, you can ensure that
no email leaves your company with potentially embarrassing or harmful content.
Policy Patrol can send a notification to the user’s manager when a new message is
quarantined, so that it can be reviewed and accepted or rejected. The sender can
also be notified that the message has been placed in quarantine.
Confidentiality breaches
Policy Patrol can help you prevent confidentiality breaches by adding disclaimers and
checking emails for words, attachment names and types, and by detecting
attachment spoofing.
Attachment spoofing
If users try to bypass filters by giving confidential files a false extension, Policy Patrol
can pick up on this since it can verify many file types. This means that if a user were
to for instance rename a .doc file to a .jpg file, Policy Patrol would know that the .jpg
file is spoofed and can then quarantine the message with the attachment. Rules can
be set for certain individuals or business groups and/or rules can be applied company
wide, optionally with the exception of certain users or groups, for instance
management.
Disclaimers
By including a disclaimer that warns that the content of the email is confidential,
Policy Patrol can help protect your company against the unintentional exposure of
confidential information. If the receiver breaches this confidentiality, they could be
liable.
Regulatory compliancy
By adding disclaimers and archiving your emails, Policy Patrol can ensure compliancy
with industry rules and regulations.
Disclaimers
To ensure confidentiality of information sent via email, companies are having to add
disclaimers to their email messages, notifying the recipient that the information is
confidential and may not be distributed to others. Policy Patrol can add user-based
disclaimers to the top or bottom of emails, therefore allowing you to add customized
disclaimer notices depending on the user division or job function of the sender.
Furthermore, by making use of merge fields the disclaimer notice can be made more
specific, for instance by actually naming the intended recipient and by adding a date
to the disclaimer.
Policy Patrol can regulate bandwidth usage and reduce storage needs by rejecting
and deleting spam messages, compressing attachments, delaying large attachments
and blocking personal emails.
Anti-spam
By rejecting (i.e. not downloading) spam messages that are listed on real-time black
lists or that are not addressed to local recipients (NDR spam attacks), Policy Patrol
can save bandwidth as well as storage space. By downloading messages and later
deleting them, no bandwidth savings are made but storage space is still reduced.
Compression
Policy Patrol can help you save bandwidth and storage space by automatically
compressing attachments at server level. By using conditions you can configure
Policy Patrol to only compress attachments of a certain size, or attachments of a
certain type.
Delaying emails
If messages contain large attachments, you can decide to delay them and deliver at
off-peak times to make the most efficient use of bandwidth resources.
Policy Patrol not only protects against threats, it can also help you manage your
email more efficiently. Here are just a few examples of what Policy Patrol can do:
Internal and External filtering: Policy Patrol is the only product that offers
internal mail filtering for Exchange Server 2003/2000 as well as a full feature set,
all included in one program. Furthermore, Policy Patrol can apply different rules
depending on whether the message is sent internally or externally.
One stop solution: Many products require you to install two versions (Exchange
and SMTP version) in order to gain access to all features. Policy Patrol includes all
features in one product and saves you installing two products to get complete
‘Policy Patrol has been in use for some time now and we think it is excellent! We catch over
1200 SPAM emails a day.’
Matt Franklin - Manager of Data Center Operations, RPM International Inc. (Medina, Ohio)
'Great product. Works better than any other SPAM filter we have tried. Clients are begging
us for a SPAM solution.’
Ben Rutter - Project Coordinator, Lionfield Technology Solutions (Exton, Philadelphia)
‘After looking into several e-mail filtering solutions, I decided to go with Policy
Patrol because of its flexibility, ease of use and mail filtering effectiveness. Policy
Patrol took no time to implement into our existing e-mail environment without any
disruption to users. The Policy rules are very easy to setup, customisable and most
important of all very effective in stamping out spam & virus infected e-mail, which
was our number one priority.’
Owen Treanor - European MIS Coordinator, Rainbow Technologies (Surrey, UK)
‘Great product, easy to configure, saves time & trouble. Policy Patrol has cut down
More information
Ö To download the white paper Email disclaimers – The legal and practical issues,
please go to: http://www.policypatrol.com/requestwpemaildisclaimersfrm.htm.
Ö For Red Earth Software’s white paper Circular 230 – Achieving disclaimer
compliance, please go to http://www.policypatrol.com/circular230.htm.
Policy Patrol® is a registered trademark of Red Earth Software®. Copyright © 2001- 2009 by Red Earth Software.