The importance of an integrated content management strategy

With Africa moving into the information age, companies of all sizes across the continent are embracing the Internet. This is changing the way business operates, improving efficiency and increasing customer service. However, a side effect of this increased connectivity is greater exposure to information security issues, which are now a fact of business life.

As each new type of threat has emerged, most organisations have adopted a solution cobbled together from different specialist vendors. As the scope and complexity of both IT infrastructure and the evolving threats it faces increases, organisations are finding these separate solutions to be cumbersome and costly, making it difficult to implement effective security policies.

Secure content management (SCM) is recognised as an integrated strategy for securing Internet communications with the outside world. It is based on integrated software or hardware / software solutions that secure inbound and outbound Internet traffic against specific threats, such as viruses, spam and inappropriate content. It handles incoming and outgoing electronic mail messages, Web pages and file downloads.

An integrated strategy is required because most organisations adopt a range of solutions as each new threat happens. Generally anti-virus software was initially installed, and as the threat from spam emerged, organisations went to a different vendor for spam filtering. Some organisations have already installed content filtering software from a third vendor, while others are actively seeking such a solution.

The problem with this common and complex approach is that it is expensive to maintain and support multiple products from different vendors. Each product has to be configured separately and mistakes could result in corporate policy not being applied as insecure messages slip between products. Management receives three different reports in three different formats that all seem to address similar security objectives.

An SCM solution provides an integrated suite of products across the entire enterprise that addresses all existing and emerging threats. It provides a single place to deploy and configure all the necessary software in order to implement the organisation`s e-mail security policies, whether internally generated or in response to regulatory requirements.

The solutions provide a single set of graphical reports across all network systems, servers and desktops that give IT administrators the information they need to evaluate the effectiveness of the organisation`s security policy, evaluate their network`s weak points and customise reports to fit their specific needs.

SCM software secures the company against viruses, spam and inappropriate content. On 20 September 2004, McAfee announced the 100 000^th malicious threat from viruses and other forms of malicious code, an increase of 15 000 since the beginning of the year.

Once a mild irritation, spam has developed into a global epidemic. Gartner Research estimates that 50% of e-mail messages are spam. Spam impacts an organisation`s operations in four different ways:

* First, unwanted spam infiltration wastes employee time. Jupiter Media Matrix estimates that by 2006 there will be over 206 billion junk e-mail messages sent around the world, or 1 400 e-mails per person.
* This wastes network bandwidth and server resources. McAfee research shows that 14% of small businesses complained of depleted staff morale.
* Thirdly, spam exposes the organisation to a security risk because spam e-mails can contain malicious code.
* Finally, it can expose the organisation to potential legal liability associated with inappropriate content.

Employees need protection against incoming electronic mail messages that contain offensive content, such as pornographic, racist, sexist or abusive material. They also need protection against accidental navigation to a site that contains similar material.

Employers need to be protected against employees deliberately sending such messages or visiting such sites. They also need to protect themselves against their confidential information, or information protected by legislation, being sent out by employees, whether accidentally or intentionally.

Software is now available that can analyse the content of e-mail messages and Web pages and recognise inappropriate words or phrases as determined by the organisation`s security policy. It will block e-mail messages or disallow access to Web pages deemed inappropriate or not work related.

This is significant, because 27% of Fortune 500 companies have been forced to defend themselves against claims of sexual harassment resulting from inappropriate content. In 1996, Chevron paid $2.2 million to female employees after they claimed that a joke e-mail was inappropriate.

An integrated SCM strategy allows an organisation to optimise its resources, both people and networks. This can save considerable amounts of money.

An integrated SCM solution means that the organisation only has a single vendor to deal with for support and can implement detailed security policies from a single central location. IT administrators will save time and money through reduced deployment and training costs, reduced hardware investments and reduced policy redundancy. They will have a single place where all the information is available for reporting the effectiveness of security policies.

These issues together serve to reduce the total cost of ownership when compared with separate solutions. They also help the organisation to comply with external regulations.

Businesses that fail to introduce a comprehensive SCM solution are leaving their valuable business content exposed to all manner of threats, which deplete resources, impact productivity and contravene internal security policies as well as government regulatory policies.

In contrast, SCM solutions consist of policy-based Internet management tools that help companies defend themselves against business and network integrity threats. SCM integrates a number of crucial security features to provide layered, enterprise-wide, best-of-breed protection. It controls access to Web content, secure messaging traffic and provide protection against viruses and malicious code. SMC helps organisations optimise their resources, increase productivity, reduce their costs, implement internal security policies and comply with external regulations.