| Please register to receive the benefits of our network-wide features. |
Register (free) |
Log In
|
| Please register to receive the benefits of our network-wide features. |
Register (free) |
Log In
|
While users are waging a one-on-one battle against spammers, and often feel as though they're on the losing side, enterprise IT administrators are waging the same battle on a much larger scale. Trying to defend an organization's entire infrastructure and all of its users from the increasingly persistent and dangerous attacks of a growing legion of spammers, they soldier bravely along using whatever tools they have at hand. At Burton Group's 2005 Catalyst Conference, Burton Group Senior Analysts Trent Henry and Daniel Golding discuss some tools and best practices in the enterprise-level battle against spam.
Henry and Golding describe some different types of spam and detail some of the risks to the enterprise, from the security and bandwidth costs of inbound spam to the risks to an organization's reputation when outbound spam seems to originate from within the organization. They discuss a few spamming techniques and detail some of the tools available, with an emphasis on user education, sender authentication techniques and message security/hygiene. Risks-to-come, such as SPIM (Instant Messaging Spam) and SPIT (IP Telephony Spam) are briefly touched on. The good news, according to Henry and Golding, is that while it might not seem like it, we're winning the war.
Daniel Golding has over 12 years of experience in Internet engineering and survivable network design for large carrier networks such as AOL Time Warner, and Earthlink Network. He lead AOL's efforts to become a Tier 1 Internet Service Provider, one of seven core Internet backbones, and has conducted advanced research into Border Gateway Protocol to improve reliability and performance for Internet users. Dan is a member of Internetwork Architecture team at AOL and Earthlink, designing high availability, highly resilient networks, and has edited three network technology industry books and co-authored Interconnecting Cisco Network Devices.
Trent Henry is a Certified Information Systems Security Professional (CISSP) with over 15 years of experience in information technology. His past work includes PKI industry security management and technology research, Internet server and protocol product development, and operations leadership of large-scale network and distributed systems deployments. Trent's professional experience includes Identrus, Digital Signature Trust, Ameritech, and Apple Computer. Trent is a respected speaker and writer on information security, audit, and compliance topics and has participated in security standards bodies including X9 and Internet Engineering Task Force (IETF) and has contributed to the first Common Criteria Protection Profile slated to become an ANSI standard. Trent received his undergraduate degree from Stanford University.
References:
This free podcast is from our Burton Group Catalyst series.
For The Conversations Network:
Play