Managing Email Security in Organizations
Spywares: these are programs that monitor keystrokes and other activities being performed by the computer and send the information to others without the consent of the computer user. Spywares also play adverts on the computers and are privacy-invasive software.
Trojans: these programs steal information from the infected computer and send it to a third party by pretending to perform a given task. They also alter the computer and the information and other programmable devices.
Malware: this is a generalized term, used to describe software that maliciously damages the computer and other programmable devices as well as spying and sending information to another person without the consent of the user.
Viruses: these programs are able to replicate themselves. They integrate themselves to the existing programs and files. By doing this, they hinder the information from the user and also corrupt the information.
The ISO/IEC 2700 series consists of a set of information standards which were formulated and published by International Electrotechnical Commission (IEC) and The International Organization for Standards (ISO). The following standards are commonly used.
ISO/IEC 27000. which contains information about the family of standards and contains the terminologies used
ISO/IEC 27001. it contains the standards for the establishment, implementation, improvement, and control of information security management. They are based on British standards, BS 7799 part 2, they published ISO/IEC 27002
ISO/IEC 27005. these standards are designed to aid in the implementation of an information security system. They are based on the risk management methods.
ISO/IEC 27006: these acts as guides to the process of certification and registration.
ISO/IEC 27011: they contain the guidelines for the security management of information for the telecommunication industry.
ISO 27001 provides information about standards used for Email security systems (ISO 27001). This information is contained in the fourth chapter of the standardization report.
Other standards are being prepared. (National Institute of Standards and Technology, 2005)
Network insecurity problem is experienced in most corporations and organizations.