Security Basics mailing list archives
RE: outgoing email monitoring
From: jfvanmeter () comcast net
Date: Tue, 08 May 2007 10:52:57 +0000
I've used websense in the past to create a key word search that would inspect out bound emails, blocking any that matched a rule. The user also had no implied expectation of personal privacy, and what defined personal provacy was outlined in the acceptable user aggreement.. With all of that said There might be a problem were email is a form of "electronic communication," and whether email is exempt under the "communications in transient storage" from the Wiretap Act. The Electronic Communications Privacy Act (ECPA) of 1986 updated title 18 of the United States Code (the Wiretap Act). If email is considered an electronic communication, then it is considered protected under the ECPA. However, there are arguements that email was not "electronic communication" when it was copied because it was "in storage" at the time. The court concluded that "electronic communication" includes "transient electronic storage that is intrinsic to the communication process for such communications" and that "interception of an email message in such storage is an offense under the Wiretap Act." When I used websense to filter emails, I had the company lawyer check out the process, added a new adenuim to the acceptable user aggreement, and send the adenuim to all user. . Take Care and Have Fun --John -------------- Original message ---------------------- From: Zhihao <zhihao () root sg>
Ironport is what you can look at. It offers very strong reporting features and it can also give you the ability to enforce difference policies on different group of users based on the AD or LDAP. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Matt Miller Sent: Wednesday, 2 May, 2007 3:02 AM To: security-basics () securityfocus com Subject: outgoing email monitoring hi list. I need a solution to monitor the flow of outgoing email traffic for data leak/security concerns. The two objectives that i have are: -monitoring and reporting - who sends, how many and where to? -possibility to temporarily put outgoing all e-mail on hold for reviewing by admin/user and releasing for delivery. Any suggestions? Thanks Matt
Current thread:
- outgoing email monitoring Matt Miller (May 01)
- Re: outgoing email monitoring Noaman Khan (May 01)
- RE: outgoing email monitoring Miguel Ramirez (May 01)
- Re: outgoing email monitoring Steven Hollingsworth (May 01)
- Re: outgoing email monitoring gjgowey (May 01)
- RE: outgoing email monitoring Zhihao (May 07)
- <Possible follow-ups>
- Re: outgoing email monitoring vachanta (May 01)
- Re: Re: outgoing email monitoring security (May 02)
- RE: outgoing email monitoring jfvanmeter (May 08)