Intellectual Property Theft Has Never Been Easier - Is your

Email-Based Communication Vulnerabilities IP can leave the enterprise at any of a number of points. Failure to quickly recognize and protect these "soft spots" in your network security could have tragic results for the long-term viability of the company.

Attachment and content filtering Unless your email security solution includes robust attachment and content filtering elements, anyone with access to your email network can send literally file cabinets worth of information to a private email account, to be retrieved at their convenience from any computer in the world. A single attachment can contain many years' worth of confidential information, and if you allow it to leave your enterprise gateway, you may as well just publish it.

Intrusion prevention Intrusion prevention is another Achilles' heel for companies with inadequate email security in place. Even intermediate hackers can use email to gain access to the company's digital backbone unless the necessary steps have been taken to keep them out. Once these hackers have access to the network, they can steal virtually anything stored anywhere on your network. For an example, we need look no farther back than August 2004, when the University of California, Berkeley suffered a network intrusion that resulted in the theft of the personal information of about 600,000 people.

Email encryption Failure to encrypt email communication can also provide opportunity for would-be IP thieves. Messages to trusted partners, customers or any other recipients outside the network can be intercepted and read by anyone with rudimentary knowledge of email systems. Encrypting these conversations ensures that nobody but the sender and recipient have the ability to read the messages contained within the email.

Phishing The explosion in phishing attacks, which utilize social engineering tactics to extract confidential information from email users, has presented a completely new and extremely dangerous method of IP theft. Unwitting employees are an easy target for phishers, who may pose as business partners, clients or any other "friendly" sender in order to gain access to sensitive information.

Viruses Viruses have proven to be another highly effective method of extracting information from corporations. Virus writers can write simple programs that, once executed on your network, mine for all sorts of data and send information back to the virus writer, or to any other recipient.

Severance Package, Indeed While your employees are your greatest asset, they have the potential to be your greatest liability as well. A disturbing, but not entirely surprising, fact is that most intellectual property (IP) theft is perpetrated by current and former employees. According to the U.S. Department of Justice, enterprises suffered $250 Billion in IP Theft in 2004.

A 2004 survey questioned 400 business professionals about their attitudes to IP theft. The research, conducted by Ibas, a computer forensics specialist, revealed some trends that should sound some alarm bells within organizations unsure of their IP security:

• 69.6% of business professionals have stolen some form of corporate IP from their employer when leaving a job.
• 32.6% of employees leaving a job took sales proposals and/or presentations with them.
• 30.4% admitted to taking information such as customer databases and contact information.
• The most commonly used method for stealing IP is to send electronic copies of documents and files to a personal email account.
• 58.7% think that taking IP is as, if not more, acceptable as exaggerating an insurance claim to cover the excess charge.
• Only 28.2% think that IP theft is completely unacceptable.
• The most common justification for IP theft was that the person had created the documents/files stolen and felt they partly belonged to them.

For more information about how CipherTrust's IronMail can help your enterprise keep a lid on your intellectual property, download our FREE whitepaper, "Securing the Email Boundary: An Overview of IronMail."