Guidelines on Electronic Mail Security (Draft) - Special Publication 800-45A
BankInfoSecurity.com - Banking Information Security News, Regulations, & Education  

Username:
Password:
Agencies
Anti-Money Laundering
Business Continuity & Disaster Recovery
Compliance
Emerging Technology
Governance and Standards
Identity Theft
Leadership Management
Physical Security
Risk Management
Training & Education
Webinar Calendar
Vendor Directory
Content Library
Products
Events
About Us
Resources
 

Guidelines on Electronic Mail Security (Draft) - Special Publication 800-45A

GuidanceNational Institute of Standards and Technology (NIST)Information Security

Electronic mail (email) is perhaps the most popularly used system for exchanging business information over the Internet (or any other computer network). At the most basic level, the email process can be divided into two principal components: (1) mail servers, which are hosts that deliver, forward, and store mail; (2) clients which interface with users and allow users to read, compose, send, and store email messages. This document addresses the security issues of both mail servers and mail clients.

Mail servers and user workstations running mail clients are frequently targeted by attackers. Because the computing and networking technologies that underlie email are ubiquitous, it is well understood and attackers are able to develop attack methods to exploit the technology. Mail servers are also targeted because they (and public Web servers) must communicate to some degree with untrusted third parties. Additionally, email clients have been targeted as an effective means of inserting malware into machines and of propagating this code to other machines.

> Read entire regulation (log in required - registration is free)



Terms of Service | Advertise | Archive | Site Map | Contact | Bank Information Security RSS Syndication RSS Syndication
Copyright © 2007 BankInfoSecurity.com