Blue pill, red pill or kill pill?

Opinion by Dan Raywood

In the recent Data on the Move survey SC Magazine undertook in association with Egress, one of the key statistics said that 74.5 per cent of the 160 respondents had received a 'recall' message.

In the recent Data on the Move survey SC Magazine undertook in association with Egress, one of the key statistics said that 74.5 per cent of the 160 respondents had received a ‘recall' message.

Egress CEO Tony Pepper said that one factor that could benefit this would be to have a ‘kill pill' that stopped an email and remotely killed it. He said that this was a key part of its Switch software in order to remotely revoke access, as people want the practicality and want to prevent documents and data from being forwarded on.

“What is important is sharing information, when you are sharing information you cannot be sure that it will not be forwarded to unauthorised recipients,” he said.

Security consultant Brian Honan said that this sort of thing has been on the wish list for many people for many years.

“The problem is the current email protocols and standards do not natively support this functionality, nor were they designed initially with security in mind. So while the recall feature can be implemented within a company's own email environment (providing their email server software supports the functionality), it is a feature that cannot be easily extended outside of that company's network,” he said.

“In order to get the ‘kill pill' to work would require either all companies to use the same email platform or the underlying protocol supporting email to be completely overhauled so that the feature can be added as a standard. Until then we will have to rely on third party tools and means to ensure the security of our email systems and to prevent data leakage such as the ‘oops wrong email address'.”

The challenge is that not all email services and software is built the same, so perhaps it is the freedom of choice that is prohibiting such a technology being widely available.

Steven Malone, CTO at Metadigm, said: “Email was born in the days when ease of use was king and security wasn't even a consideration. Jump forward to today and security is now a prime concern for every business. However to secure an ageing (but globally standard) technology such as email, security vendors are forced to come up with progressively more creative solutions to close the gaps.”

He claimed that technologies that enable the remote killing of an email or device go a long way to addressing this problem.

Stephen Midgley, vice president of global marketing at Absolute Software, said that the issue is about how do you (whether you are the end-user or IT department) control the flow of data?

He said: “There are tools on the market, such as content-aware data loss prevention (DLP) and content containers that help, but only partially. One trend we are seeing is the move to content distribution via apps.”

Malone said: “Email has been the de-facto delivery mechanism for most malware over the last decade. Added to this is the fact that email is blamed more often than not as a primary data loss channel. Email filtering solutions can cover most threat vectors, but securing the contents of email attachments is still a missing link.

“However, the real issue is that email is fundamentally insecure. Changing the way email works isn't going to happen so our only option is to rely on a blend of technology solutions to plug the holes.”

Andy Kellett, principal security analyst at Ovum, said that many people get email recalls, which often seem to be a waste of effort once the original document has been sent, as most of the time the problem seems to revolve around the sender.

If the problem lies with the sender, is the first point of call a case of staff awareness and education? Honan said that these can range from training staff on how to use email in a professional manner, including how to double check the correct email address is in place, to deployment of DLP or email filtering configuration on keywords to implementing a proper response plan.

“As with all security issues, there never is one silver bullet that can solve the problem but rather a number of different and layered solutions to reduce the likelihood of the event happening and should it happen to reduce the impact it could have,” he said.

Honan is correct, there is no silver bullet to solve all issues and it comes back to the age old advice of layered security and user awareness, but technologies exist to help prevent the problem.

Joseph Souren, EMEA general manager at Wave Systems, said that a 'kill pill' can help with blocking a lost device as well, where an agent on the platform receives this message and blocks access to, or deletes, the data.

There are solutions and tactics available but what the challenge presents is a possible solution for a reduction in data loss via email. Will it cause an end to all of these issues?

Of course not, that has to be done by a layered approach of technology, knowledge and capability, but solutions exist and while many of us will be in that 74.5 per cent, how many recipients would actually delete that incorrectly-sent email?


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events