Bank Systems & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


11:00 AM
Alan Pelz-Sharpe, Principal Analyst, CMS Watch, (Silver Spring, Md.)
Alan Pelz-Sharpe, Principal Analyst, CMS Watch, (Silver Spring, Md.)
Connect Directly

The Truth Is, E-Mail Security Can Never Be 100 Percent Effective

A bank's best bet is to be in a position to defend itself and detect wrongdoing as soon as possible after an e-mail security breach.

Alan Pelz-Sharpe, CMS WatchThe sheer volume of e-mail that passes through our organizations means that we have to accept that security can never be 100 percent. And before we get paranoid about stopping malicious e-mails from the outside, we need to remember that the most damage often is caused by those we employ and who have full and secure access to our systems.

That said, there are some common-sense precautions and prescriptions that need to be heeded. Clearly you need to filter out spam and malicious e-mail, and there are a plethora of solutions on the market to do that. It also makes sense to monitor e-mail for keywords and keyword combinations that potentially signal wrongdoing by internal staff. But these systems, though of value, are not as thorough as you might think.

Frankly, your best bet is to be in a position to defend yourself and detect wrongdoing as soon as possible after the event. Capturing all e-mail securely and directly from the mail server (not the gateway), filtering out duplications and then archiving all the remaining e-mail in a single location -- enabling easy, fast and thorough searching -- is the best you can typically do.

The truth is, e-mail will likely remain your Achilles heel for some time to come, and software vendors in this space seldom deliver as promised. To manage e-mail securely and sensibly, you need to make use of the archiving, management and monitoring options out there -- but you also need human resources, policies that are enforced and, most of all, a realistic attitude.

Register for Bank Systems & Technology Newsletters
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.