Home > IT Answers > Security > Prevent data leakage via free email accounts
Help

Question

  Asked: Nov 14 2007   8:43 AM GMT
  Asked by: Xfpgas

Prevent data leakage via free email accounts


Security, Email security

Is there any way other than Rights management to prevent employees from sending confidential files using free email accounts ( yahoo, google etc). I can't disable access to all known free email accounts. There are just too many of them.

We already use endpoint security to lock down USB drives.

Subscribe to Alerts! Get questions and answers delivered to your Inbox.


E-mail me updates on this question



   SUBSCRIBE

hidden modal window
Help

Answer Wiki (Improve, edit or add to this answer)

IMPROVE THIS ANSWER
View History
 RATE THIS ANSWER
0
Click to Vote:
  •   0
  •  0
Last Answered: Nov 16 2007  4:39 PM GMT  by Davis420




If the free email accounts were accessed via unencrypted HTTP then you could prevent HTTP uploads using a firewall that recognized that.

However, since most of these are encrypted (HTTPS), it can be difficult.

The best way I know how to do it is to just control the sites that people access via a content filtering solution. For example, we use Fortiguard and it can lock down all known email web-based email sites with a click of the mouse. An alternative would be websense but it is pricey.

Hope that helps.

David Davis
Checkout my IT Video Training at Happy Router.com
& my ITKE Cisco Blog
  • AddThis Social Bookmark Button

Browse more Questions and Answers on Security and Exchange.

Looking for relevant Security Whitepapers? Visit the SearchSecurity.com Research Library.


RSS - Discussions Help

Discuss This Answer


You must be logged-in to discuss a question. Log-in/Register

Yimster  |   Nov 14 2007  5:36PM GMT

I understand your problem and you are right on not able to block all web e-mail. Even if you do block all web e-mail, some smart person will by-pass your firewall using proxy. If they use secured proxy than all get is whole bunch of encrypted message. Best way to fix this problem, do a company policy letter about using web mail and state the consequence if caught using web mail. I would than do a random check of my firewall and see if you can make an example of a person for violating company policy, like dismissal. I bet that will wake everybody up.

 

HCream  |   Nov 17 2007  5:40AM GMT

Besides policy enforcement, it’s also important to educate users about email etiquettes.

 

Buddyfarr  |   Feb 15 2008  3:25PM GMT

SurfControl can also filter web based email. it connects with their database daily to download updates to the filter database and does a really good job. it works with ISA.