[Cialug] OT - maybe - out-going e-mail address blacklist ???

Tim Kromphardt aaronmit at gmail.com
Tue Jul 24 08:56:51 CDT 2012


You would also have to limit employee internet access to webmail (gmail,
yahoo, etc) as the transfer of sensitive data might be
stopped via exchange, but a little copy / paste and the employee could
easily circumvent it.

On Tue, Jul 24, 2012 at 8:47 AM, Josh More <jmore at starmind.org> wrote:

> The cheap tools, yes.
>
> The more expensive tools to chunk indexing and can be pointed at a
> data repo, either a file share or a DB column.  It then prevents that
> data from leaving the environment.
>
> DLP is, however, easily subverted by encryption, so for it to be
> effective against deliberate threats, it must be coupled with egress
> whitelisting... which is challenging in its own right.
>
> -Josh
>
> On Tue, Jul 24, 2012 at 8:44 AM, Nathan C. Smith <nathan.smith at ipmvs.com>
> wrote:
> > A lot of the tools available to companies to manage information loss
> look for and block specific information such as Social Security numbers and
> credit card numbers etc.  In my admittedly limited experience, these are
> challenging to use for anything other than the most basic cases.
> >
> > -Nate
> >
> >
> > -----Original Message-----
> > From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org] On
> Behalf Of Rob Miller
> > Sent: Tuesday, July 24, 2012 2:31 AM
> > To: Central Iowa Linux Users Group
> > Subject: [Cialug] OT - maybe - out-going e-mail address blacklist ???
> >
> > Every once-in-a-while I have a curious idea that I'm not sure to which I
> can find the answer.  I do know that someone on this list will know the
> answer.
> >
> > Is there a corporate e-mail system like Exchange or some other part of a
> network like the firewall that has a feature that would block an out-going
> e-mail message being sent to a specific address? I'm thinking this might be
> described as an out-going blacklist or a reverse blacklist.  I'm thinking
> that this might be of interest to info security managers and paranoid
> corporate types so that employees would be blocked from sending corporate
> secrets immediately and directly to an address within a competitor's
> network or to a media outlet.  Maybe a government organization would want
> to prevent an employee from sending messages to jassaunge at wikidrips.orgor using an anonymous remailing service like who remembers "
> anon.penet.fi" ???
> >
> > An even cooler concept would be some type of routing code that could be
> added to a message as it was leaving its home network that would prevent
> anyone from forwarding the message to specific addresses.  I guess that
> would solve the problem of a message being sent to an anonymous remailer.
> >
> > TIA for any replies, discussion, etc.
> >
> > Rob Miller
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>



-- 
Tim Kromphardt


More information about the Cialug mailing list