Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED Official information in email – managing the risk of leakage ● Reduce risk via protective markings ● Simplify.

Published byAubrey Mitchell Modified over 9 years ago

Similar presentations

Presentation on theme: "Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED Official information in email – managing the risk of leakage ● Reduce risk via protective markings ● Simplify."— Presentation transcript:

1 Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED Official information in email – managing the risk of leakage ● Reduce risk via protective markings ● Simplify email security for end-users ● Whole of Government approach Neville Jones November 2005

2 Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED Concept ● PSM rules for email ● Keep ICT Security Simple for users ● make email system do the hard stuff ● get more value out of email system

3 Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED In the beginning there was...

4 Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED Official email ● Email as channel – big – useful ● Risks for Government

5 Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED Email security difficult for users ● Message path hell ● Email policy hell ● Users are not routing experts! ● Users are not security experts!

6 Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED Message path hell ISP Private Individual (Remote) Officer Wireless (Wireless) Officer firewall Your Agency Officer Private network Partner Agency Officer Internet Partner Agency Corporate Network Officer Fax gateway PSTN

7 Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED Email security can be simpler ● Let email system do the work! ● Enforce policy at email components ● Use principles of PSM ● How to put protective markings in emails?

8 Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED Protective markings for email RFC2822 MESSAGE RFC2822 BODY RFC2822 HEADER MIME BODY(s) MIME ATTACHMENT(s) Message-ID: Date: Wed, 230 Nov 2005 9:28:09 +1100 From: "Jane Doe" User-Agent: Microsoft Outlook X-Accept-Language: en-us, en X-Protective-Marking: [VER=2005.6, NS=gov.au, SEC=UNCLASSIFIED, ORIGIN=j.doe@example.gov.au] MIME-Version: 1.0 To: "Smith, John" Subject: Hello World [SEC=UNCLASSIFIED] Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit

9 Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED Creating the marking

10 Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED Real world problem

11 Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED Risk management implementation ● Email client enablement ● Encryption invoked by classification level ● End user doesn't have to click “Encrypt”

12 Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED Wide scope of application ● Client side rules ● Gateway flow control ● Gateway encryption/decryption ● Official email register ● Archive management ● Web headers

13 Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED Gateway flow control ● Major area of Government activity ● DSD / ACSI33 & AGIMO ● Sending ● Receiving ● Agency adoption

Download ppt "Copyright © 2005 janusNET Pty Ltd UNCLASSIFIED Official information in email – managing the risk of leakage ● Reduce risk via protective markings ● Simplify."

Similar presentations

Unified. Simplified. Unified Communications Launch 2007.

Unified. Simplified. Unified Communications Launch 2007.
Securing Corporate Email & Documents Richard Elphick Titus Labs.

Securing Corporate & Documents Richard Elphick Titus Labs.
Securing Remote Network Access FirePass ®. Business Case VirginiaCORIS is an initiative to modernize the way that offender information is managed, to.

Securing Remote Network Access FirePass ®. Business Case VirginiaCORIS is an initiative to modernize the way that offender information is managed, to.
Meganet Corporation VME Mail 2004. Meganet Corporation Meganet Corporation is a leading worldwide provider of data security to Governments, Military,

Meganet Corporation VME Mail Meganet Corporation Meganet Corporation is a leading worldwide provider of data security to Governments, Military,
SMTP – Simple Mail Transfer Protocol

SMTP – Simple Mail Transfer Protocol
Web Servers Security: What You Should Know. The World Wide Web (WWW) is one of the best ways to develop an e-commerce business presence and interact with.

Web Servers Security: What You Should Know. The World Wide Web (WWW) is one of the best ways to develop an e-commerce business presence and interact with.
CS 105 – Introduction to the World Wide Web  HTTP Request*  Domain Name Translation  Routing  HTTP Response*  Privacy and Cryptography  Adapted.

CS 105 – Introduction to the World Wide Web  HTTP Request*  Domain Name Translation  Routing  HTTP Response*  Privacy and Cryptography  Adapted.
Internet…issues Managing the Internet

Internet…issues Managing the Internet
CPSC 441: FTP & SMTP1 Application Layer: FTP & Instructor: Carey Williamson Office: ICT 740 Class.

CPSC 441: FTP & SMTP1 Application Layer: FTP & Instructor: Carey Williamson Office: ICT Class.
T.Sharon-A.Frank 1 Multimedia Various Applications.

T.Sharon-A.Frank 1 Multimedia Various Applications.
Understanding and Building Basic Networks Chapter 3 The Other Internet.

Understanding and Building Basic Networks Chapter 3 The Other Internet.
Fact check True or False: Over half of the messages received today in Exchange Online are spam True. About 67 % of all messages are spam True or False:

Fact check True or False: Over half of the messages received today in Exchange Online are spam True. About 67 % of all messages are spam True or False:
COS 420 DAY 25. Agenda Assignment 5 posted Chap 22-26 Due May 4 Final exam will be take home and handed out May 4 and Due May 10 Today we will discuss.

COS 420 DAY 25. Agenda Assignment 5 posted Chap Due May 4 Final exam will be take home and handed out May 4 and Due May 10 Today we will discuss.
Chapter 30 Electronic Mail Representation & Transfer

Chapter 30 Electronic Mail Representation & Transfer
Esimerkki: Sähköposti. Lappeenranta University of Technology / JP, PH, AH Electronic Mail Three major components: user agents mail servers simple mail.

Esimerkki: Sähköposti. Lappeenranta University of Technology / JP, PH, AH Electronic Mail Three major components: user agents mail servers simple mail.
Configuring Hybrid Exchange the Easy Way

Configuring Hybrid Exchange the Easy Way
Mail Server Fitri Setyorini. Content SMTP POP3 How mail server works IMAP.

Mail Server Fitri Setyorini. Content SMTP POP3 How mail server works IMAP.
Virtual Private Network prepared by Rachna Agrawal Lixia Hou.

Virtual Private Network prepared by Rachna Agrawal Lixia Hou.
CertifiedMail Secure Messaging “Enterprise Encrypted Messaging… Hosted or In House Flexibility” Confidential – for authorized and internal distribution.

CertifiedMail Secure Messaging “Enterprise Encrypted Messaging… Hosted or In House Flexibility” Confidential – for authorized and internal distribution.
Clinton Ho Program Manager Microsoft Corporation SESSION CODE: SIA311.

Clinton Ho Program Manager Microsoft Corporation SESSION CODE: SIA311.

Similar presentations

Ads by Google