Send Anonymous Email | Stealth Internet Rotating Header Image

September, 2008:

Email database a click away

Sep 24th, 2008
by admin.
No comments yet

NOT using a custom-built email database? Well your business may flop sooner than you think.

Emailing customers is the way of the future.

And If you’re not using a custom-built email database to communicate with your customers, you are running behind, an e-marketing expert says.

Aussie Internet director Colin Cruickshank says collecting customers’ email addresses is a cheap and efficient way to tell them about your company’s new deals, new products and special events.

“You’re crazy if you don’t,” he says.

Since Australian legislation banned the commercial sale of email addresses, businesses have been forced to draw on their own resources to build email marketing lists.

And while the technology and programming “know-how” has existed for years, databases are now being compiled from businesses’ websites.

Mr Cruickshank said the trend started to gather momentum about 12 months ago.

If a person makes an inquiry, for example, purchases something from a website or downloads a brochure in situations where they must leave an email address, the system can harvest that address into a central database.

Once the systems are set up, employees can manually input existing email addresses and addresses they collect from clients face-to-face.

For example, email addresses printed on business cards that are tossed into a goldfish bowl at an event or trade show could be included in the database for e-marketing purposes, if a sign had been erected to outline their potential use.

And the experts say it is never too late to start collecting addresses.

Mr Cruickshank calls the new systems the biggest change in e-marketing and a great leveler for small business.

“It means 1000 emails can now be sent at the click of a button and a cost of about $50,” he said.

“Our clients say their customers are happy to be continuously receiving feedback and are inclined to deal with them more regularly.”

According to Australia’s anti-spam and media laws, a person’s email address can only be used for marketing purposes if prior consent, express or inferred, has been obtained from the owner.

Nicholas Campbell, corporate and regulatory affairs director for the Australian Direct Marketing Association – the largest peak body for marketers, said his organisation urged members to get express consent, using an opt-in clause.

“It is always better to ask the consumer what they want,” he said.

Given the harsh penalties that apply to the misuse of personal information, up to $1.1 million a day, it may also be a better option for a business’s bottom line.

Mr Campbell said marketers should also remember that email users can only be contacted within their reasonable expectations.

For example, a bank could send account holders information about credit card deals or new account options. But sending information about holidays or plasma screen TV deals would probably breach the law, he said.

Each message must also contain a functional unsubscribe option, which the recipient can click on to prevent further messages, and clearly indicate the sender.

“The industry has spent enormous time putting in processes to ensure people are asked what they want their personal information to be used for and are given an option to accept material or reject it,” Mr Campbell said.

Thumbscrew Approach To Secure Email

Sep 24th, 2008
by admin.
No comments yet

Recent revelations that a BBC mailing list had been hacked and the users on the list spammed with scams and/or computer viruses, highlighted the dangers that spam poses modern companies. While it is likely that many of the people who signed up to this list were using their personal e-mail addresses, it’s a dead-cert that some were using their business addresses. And this highlights a growing problem amongst firms, namely the increasing use of company mailboxes for personal messages.

The BBC e-mail list break-in clearly shows why companies should – wherever possible – mandate that staff do not use their company mailbox for personal e-mail. If they do, place your employees hands into a thumbscrew and crush their fingers slowly until they promise never to do it again.

If one or more members of staff at a company had signed up to the BBC mailing list in question, then that employee has effectively opened the company’s IT resource up to a spam and/or malware attack. Granted, the end result is outside of the staffer’s control, but it does explain why staff should not use their company mailboxes for personal messages. Through the use of policy enforcement software on company IT resources and deploying effective anti-spam plus security software, it is possible to minimise the possible effects of misuse of company e-mail resources.

That isn’t to say that it’s possible to stop the company IT system from being infected as a result, but the BBC incident shows – quite clearly – why firms should have a company policy banning the use of staff mailboxes for personal use. I expect the sale of medieval torture devices to increase after this post

Should personal e-mail accounts be used to conduct professional business?

Sep 24th, 2008
by admin.
No comments yet

In the wake of the recent story about Republican vice presidential candidate Sarah Palin’s Yahoo! email account being hacked, there has been a heated debate about the use of private e-mail accounts by public officials.

It appears that Sarah Palin used her Yahoo! e-mail account for more than just sending photos of her children to friends and family. She also sometimes used the web-based e-mail program to conduct state business in her high-profile position as governor of Alaska. As the story has unfolded, it has become clear that it doesn’t take a rocket scientist to hack into these types of e-mail accounts (with the help of an Athens-based anonymity service). Critics think Palin should have conducted state business only on more secure, government-based email services.

But with the widespread use of the BlackBerry and other PDA devices, as well as laptop computers, most of us are guilty of checking company e-mail accounts while in public places, where someone could easily peek over our shoulder and view confidential information.

Do you think there should be more restrictions on how employees view confidential information on their portable devices in public? Have you ever used personal e-mail accounts to conduct professional business?

Managing the E-Mail Security Risk in Business Today

Sep 23rd, 2008
by admin.
2 comments

Companies should consider developing an encryption policy. This includes defining the information that should be encrypted and who has permission to send encrypted messages. Not every employee should have access to sending encrypted messages, and unauthorized encrypted e-mails should be treated as a potential security breach.

It’s a rare week when the news doesn’t include a report about a corporate data breach — putting personal, financial, or medical records at risk for theft. Often — all too often, say security experts — these breaches are caused by a lack of a solid email policy. Email has not just revolutionized the way we communicate, it has transformed the way we do business today. Along the way, it also added a significant layer of risk. An employee can now easily share confidential information with an unauthorized co-worker or friend. Former employees are often kept on an email circulation list long after they’ve left the company or continue to have access to their old work accounts months after leaving an organization. And then there are issues such as sending personal emails and forwarding jokes, which may not necessarily be risks but do put a drain on company resources.

However, despite the clear security risks, an Osterman Research survey found that 86% of companies do not have a tool in place to address email usage, a practice that, according to Avivah Litan, VP and distinguished analyst at Gartner, Inc., needs to be rectified. “Email accounts are often compromised.” She points out that email should not be used as a secondary channel (e.g., in addition to the web or a call center) to convey sensitive information such as example passwords or secret questions and answers used to log into an account.

There are three reasons a company should put an email policy in place, according to Litan:

  1. Email is a major attack vector for crooks. For example, it is used to spread malware across enterprise and individual PCs and to entice individuals to give credentials and other sensitive information away through phishing attacks.
  2. Email account credentials are often compromised (e.g., email user IDs and passwords).
  3. Email trails are valuable tools for investigators and can implicate a company or individual in legal or forensic investigations.

“Companies need to recognize that email should not be relied on to convey sensitive, timely and/or confidential information,” Litan says. “For example, banks can’t rely on email to send financial statements to customers since they may not trust or read it.”

Yet an alarming amount of risky email still gets sent. According to a survey commissioned by Proofpoint, Inc. and fielded by Forrester Consulting, one out of 10 outbound emails poses a risk for organizations, whether legal, financial, or regulatory. In addition, only half of the email that should be encrypted actually is.

Web and email security boxed up

Sep 23rd, 2008
by admin.
No comments yet

BorderWare Technologies has introduced BorderWare Security Platform 8.0, describing it as the industry’s first security appliance to provide comprehensive email and Web security with anti-data leakage in a single, consolidated and correlated product and administrative interface.

“Until now, organisations globally were forced to purchase, deploy and manage disparate point products that exposed security gaps and increased complexity and operational costs,” says Shawn Eldridge, vice president of marketing and products for BorderWare.

“With BorderWare Security Platform 8.0, organizations can infinitely scale to correlate security across email and Web, consolidate administration and policy management, leverage data loss prevention across email and Web, and enable value-added features and functionalities based on each customer’s security and privacy needs and goals.”

Featuring data loss prevention (DLP) across multiple protocols, the company reports that the new BorderWare Security Platform 8.0 is specifically designed to prevent threats via a flexible and efficient approach for quickly integrating new and customer-selected security and privacy features, accommodating unlimited customer growth, and consolidating administration, reporting and policy management.

“Security breaches no longer appear in just one communication channel, but as sophisticated, blended threats across email and Web. Mid-market organizations are looking not only for DLP but also for proficient management capabilities,” notes Brian Burke, program director for IDC’s security products program.

It enables instant-on data loss prevention, encryption and content filtering with integrated threat prevention for viruses, spam, spyware, phishing, crimeware and malware attacks. Other features that can be individually enabled include email encryption or Web caching. The management console consolidates all email and Web features in a single interface, providing security operations of reporting, policy management, policy remediation, on-demand feature enablement and clustering. BorderWare Security Platform can be managed both remotely and locally.

← Earlier Posts