Content Security     Verschlüsselung     Akademie     Support



CompanyCRYPT News ArchivHere you can find news from the areas of IT security, encryption and content security, as well as interesting information about Clearswift products and of course news about Secure Internet traffic and the encryption module CompanyCRYPT.

5-Star-Rating from SC Magazin for Clearswift MIMEsweeper Email Appliance


Clearswift's MIMEsweeper Email Appliance is a rack-mountable hardware device that secures inbound and outbound messages. The features available in the appliance include anti-malware, anti-spam, content filtering (including smart identifiers to help prevent data leakage), anti-phishing and many others. Setup and configuration of the tool was very easy. We had the device up and running within minutes and found the overall interface to be attractive and professional looking. When reviewing email content management, we look for many defense-in-depth features and this appliance definitely delivered. Overall, it includes one of the largest ranges of user-friendly feature sets that we've seen. Several configuration items are linear, which helps administrators understand what policy or configuration they are applying and to which groups or users. The solution integrates with directory services and secures messages by using a combination of techniques. This includes network-based integrity via reputation and sender validation, but also content management, including anti-malware and smart identifiers. A few pre-built identifiers can be applied to filter messages for special data strings, such as credit card and Social Security numbers. The appliance also has several enterprise management features, such as automated report scheduling, backup and restoration capabilities, audit logs and more. Navigating around the interface did take a slight learning curve, but after consulting the documentation we were quickly acclimated to many of the administrative tasks. Documentation is thorough, extensive and is available on the appliance interface, as well as offline. Source:

Central eMail encryption CompanyCRYPT on the CeBIT

Press release

New eMail encryption solution CompanyCRYPT enables virus-, spam- and content inspection.Centralized De- and encryption as a plug-in for Clearswift. MIMEsweeperHANOVER, 10.02.2005 - The IT-service provider netFORMAT presents the newest version of its central eMail encryption solution on the Clearswift stand in hall 7, stand 37. CompanyCRYPT v1.1 is a server based solution, that enables virus an spam checks even on encrypted eMails. This solution was developed, to enable confidential eMail exchange between companies an their external partners, customers or supplier via the internet. A network of qualified partners is planned for the sales distribution of version 1.1. CompanyCRYPT offers full support for the two most accredited encryption methods PGP and S/MIME. The new version not only works on the Clearswift MAILsweeper V4.x but also on the content security-product "MIMEsweeper for SMTP" V5. By the integration into the MIMEsweeper all security policies can be fully applied even on encrypted eMails. Besides the personal signing and encryption of eMails the new version also allows the signing with a company key, much like an internal post office. Existing keys and certificates can imported into the system. Through improved processing speed for de- and encryption CompanyCRYPT now even meets the requirements of extremely large email environments. With version 1.1 common server hardware can process up to 5 GB of eMail traffic per hour.CompanyCRYPT v1.1 is now equipped with two administration GUI??s. Besides the classic server console CompanyCRYPT can now be managed via a new web based interface. An automated key management makes key management an easy task. More information at

City Council Lueneburg for centralized eMail solution

Press release

Integration into the security architecture without decrease in security and without any change to the Client Hanover, 06.10.04 - The city council of Lueneburg has had the IT service provider netFORMAT integrate the OpenSource-product GnuPG ( into their existing eMail infrastructure in a way that the end user can receive and send encrypted messages now with the press of a button. This centralized solution is now in place to enable the department of ??Social services? to exchange highly confidential personalized data with other departments in other districts by more up-to-date methods.The sensitive data consists of personalized information for exchange with other welfare institutions or details about hospital treatment used to generate the welfare accountings. Before the department used to file the data on floppy disk to be sent by postal services. Now with CompanyCRYPT the information exchange has become simple convenient and secure.This self-development software unifies content inspection and content security on a single server, with which it becomes possible, to automatically scan encrypted eMails for viruses, Trojans and internet worms. For this the already existing content-scan-product "MAILsweeper for SMTP", which safe guarded the internal net, was enhanced by the ability of de- and encryption. In the same manner in which virus scanner and other methods are activated within the Clearswift product to enforce company-wide security policies, now the licence free PGP variant GnuPG realises the de- and encryption.Stefan Domanske, IT-security administrator at city council Lueneburg points out the advantages: "The end user now can send their eMails encrypted without any extra effort and fully concurring with legal requirements. Neither a roll-out of client software, nor user training, nor any modification to the client PCs was necessary. Only the security administrator has to be capable of correctly handling the key management." For the future the city council of Lueneburg is planning on using encrypted eMails also for other applications or even mobile appliances with this solution. Furthermore the same concept will be used for tele-work and web portals.

Clearswift adds *on box* encryption and real-time URL categorisation to award winning security products

News from Clearswift

Clearswift, the software security company, today announces new releases of its award-winning web and email security gateways. The new products provide a comprehensive and integrated solution to protect businesses from data loss, spam, malware, viruses, identity theft, phishing and other network and data threats enabling them to confidently embrace today??s collaborative social networking and web 2.0 technologies. Research undertaken by Clearswift in 2007, found that just 11% of businesses were making use of Web 2.0 technologies such as Facebook and Three years on, the latest figures show over two-thirds of companies are allowing the use of web collaboration or social media tools in the workplace. Clearswift Secure Email Gateway 3.1 More sophisticated encryption: Expanding on the basic Transport Layer Security (TLS), Clearswift??s new email product enables encryption of the message content rather than encryption of the connection between two servers. Encryption can be based on who the message is being sent to, or based on certain content within it: for example when certain keywords or phrases are added such as ??confidential? or the detection of PCI or PII information. The new encryption capabilities support message encryption and decryption of PGP and S/MIME messages along with a method to send messages securely to recipients without the need for PGP or S/MIME keys and certificates. Improved anti-spam engine: Clearswift??s new anti-spam engine now delivers 99% spam detection rate ?? thought to be the best in the industry, with an extremely low false positive rate. For the first time, the engine uses a cloud-based system to classify non-cachéd messages in real-time, meaning that responsiveness to spam outbreaks is significantly improved. Clearswift Secure Web Gateway 2.1 Real-time website categorisation: Inappropriate websites can be assessed (and if necessary, blocked) in real-time using technology which recognises the typical characteristics of *inappropriate* sites. This technology is also used to help prevent inappropriate images being displayed on a Google Image search. HTTPS certificate policy: The HTTPS decryption option allows the content of encrypted web traffic to be inspected for policy violations and also allows the administrator to easily, as part of the certificate policy, whitelist sites that they trust that fail the certificate validation checks. The encrypted content from such sites is still content checked despite the certificate error being ignored. The improvements make management far easier and remove the need for individual users 'override' barriers to certain sites, making the new system far more secure. Alf Pilgrim, Clearswift??s Chief Technology Officer said: ??Our latest web and email products come with significant upgrades, at the core of which is the sophisticated content inspection technology that Clearswift has developed. I firmly believe that it is this advanced level of content inspection and the unification of policy across both web and email that makes our products stand out from the crowd.? Source:

Clearswift Boosts Web Content Security

News from Clearswift

London, UK ?? 15 May 2007?? Content security specialist Clearswift today announced major upgrades to its web content security portfolio as business concern around the threats associated with the growing use of Web 2.0 technologies intensifies. Today??s launch of upgraded versions of Clearswift??s MIMEsweeper Web Appliance and MIMEsweeper for Web software follows recent research which showed that while organizations rated the loss of confidential information as the second most important security issue they face, more than one third (35.4 per cent) of organizations didn??t monitor employees?? use of the internet and almost half (48.3 per cent) didn??t know whether they??d lost confidential information via Web 2.0 social media outlets. ??In the past most organizations have embraced web content security to prevent access to inappropriate content or to either filter or prevent access to webmail. However the explosion of social media sites such as blogs, YouTube and MySpace, means there are now many more avenues on the web for sensitive corporate information to potentially leak from the organization,? Clearswift??s Vice President of Strategy, Stephen Millard, said. ??In today??s competitive environment, businesses cannot simply lock down access to Web 2.0 services as they are also locking themselves out of the potential business benefits they can bring. Clearswift??s web security technology can help protect organizations against these threats while at the same time, allowing them to access and enjoy the benefits of Web 2.0 services,? he said. The MIMEsweeper Web Appliance includes user authentication, which allows web policy to be allocated to the user level, meaning administrators can define user groups, such as ??Finance?? or ??Executive?? and set appropriate policies for each group according to the type of web access they require. The reporting, therefore, can now also be based on user activity rather than a computer??s. Lexical analysis and pattern matching has also been added to the appliance, combined with robust recursive decomposition enabling administrators to detect content that contravenes the business policy. For example, advanced lexical analysis designed specifically for DLP (Data Loss Prevention) combined with pre-canned PCI and PII tokens prevent employees from uploading or sending documents containing credit card numbers. These advanced features can also be used to stop information such as social security numbers, patient identifiers or other personally identifiers from leaking out of the company. The primary enhancement of the MIMEsweeper for Web software is the inclusion of new content and policy engine technology. The solution now provides the same high levels of detection and recognition of data types as currently provided by the MIMEsweeper Web Appliance, MIMEsweeper Email Appliance and MIMEsweeper for SMTP software. The addition of streaming media detection and recognition capabilities is another major addition to MIMEsweeper for Web, improving the reliability of accurately identifying streaming media. The upgrades to both products see Clearswift??s continued drive for consistency of policy across both its email and web portfolios. ??These product developments will provide users with the highest level of protection while at the same time aligning the web security product range with the email security product range for better consistency and therefore ease of management ?? saving IT administrators valuable time and boosting productivity,? Mr Millard said. Source:

Clearswift Releases New MIMEsweeper for SMTP Edge Server as part of MIMEsweeper Re-Architecture

News from Clearswift

Clearswift today introduced the new MIMEsweeper for SMTP Edge Server an email firewall that protects business critical infrastructures from spam, viruses and malware. This new architecture allows MIMEsweeper for SMTP software to focus on its core competency??data loss prevention, outbound content control and policy enforcement, with the Edge Server providing dedicated, self managing boundary hygiene. In addition to filtering the spam, viruses and malware before it hits the internal network, the Edge Server provides a safe and trusted connection for confidential communications between an organization and its valued business partners through the use of TLS encryption. By deploying the Edge Server, a company??s servers will be more reliable, the networks faster and storage less packed with unwanted information. With less information flowing to the main core of MIMEsweeper, email will arrive faster and reporting will be more responsive while reducing the amount of maintenance required. With the addition of the Edge Server, MIMEsweeper Policy Servers will sit inside the network and focus on content management and policy enforcement. ??The Edge Server allows our customers to focus on getting the most business enablement from their MIMEsweeper investment, while leaving all of the daily email noise for Clearswift to handle? said Alyn Hockey, director of product management for Clearswift. The Edge Server features a secure Linux core and powerful operating philosophy, and takes Clearswift??s concept of Service Based Architecture to another level by splitting email and Internet security solutions deployments between the safe network and the DMZ. Clearswift is making it possible for companies to move their MIMEsweeper Policy Servers into the safe network where they can process clean email and enforce data leakage and acceptable use policies while placing the Edge Server in the DMZ to stop threats from reaching the corporate network. ??The new Edge Server from Clearswift offers security and protection for MIMEsweeper customers by providing an additional layer of spam protection at the boundary that includes spam reputation services, spam filters, Anti-Virus and TLS encryption,? said Brian Burke, Program Director at IDC. ??This evolution of Clearswift's product strategy will allow MIMEsweeper users to optimise email boundary hygiene and exploit Clearswift's policy enforcement and data loss prevention capabilities inside the network." Hockey added, ??The Edge Server will handle the incoming threats right at the gateway. It??s an easy to manage and maintain solution for email hygiene. It means more free time for IT, more bandwidth, more disk space, more responsiveness and more security.? The Edge Server is a logical extension of Clearswift??s vision for Policy Enforcement, which is the core for any Internet and email security strategy. The service allows Clearswift to addresses all hygiene issues in a single location outside the network while freeing its content and policy engines to focus on content security and policy enforcement. The Edge Server includes the following features: ? Advanced Anti-spam technology supporting:- Clearswift??s TRUSTmanager hands-free reputation services- Clearswift??s SPAMlogic anti-spam engine- Grey Listing capability for spam connection management- DNS-based filters using SPF, RBL and SURBL- Bayesian, Signatures and Heuristic engines ? ThreatLAB managed lists ? Kaspersky Anti-virus available as a costed option ? Transport Layer Security (TLS) encryption for server to server connections ? Multi-box support based on V5 SMTP License ? Full multi-server support for Policy, Reporting and Quarantine area management ? Generation of SNMP and SMTP alerts for system alarms ? Remote/scheduled backups, updating and patching support ? Multi-server peering for consistent policy enforcement Link:  

Clearswift rolls out 24*7 support as standard

News from Clearswift

Clearswift, the software security company, has today announced 24*7 support as standard for all customers, and confirmed the launch of two new enhanced options. These changes further enhance the customer satisfaction achieved over the past 12 months following the centralisation of Clearswift??s support teams into three in-house centres in the UK, Australia and USA. Craig Mills, Global Support Director, Clearswift said: "We believe that our support needs to reflect the role web and email use now has within an organisation ?? it is mission critical and needs to be fully operational at all times. Additionally, our in-house support teams have so much knowledge it makes sense to take this pro-actively to our customers, offering advice on potential issues and applying fixes before incidents happen." By choosing Clearswift content security, customers are investing in a fully integrated web and email security solution. A solution that offers the flexibility to create content policies that allow the full exploitation of Web 2.0 and email communications to fit their individual risk requirements. Clearswift standard support provides phone and email-based support, access to the knowledge base, service feeds, service packs and patches and user discussion forums - 24 hours a day, 7 days a week. Darin McLean, founding partner of Voicepath commented on his company??s recent experience, "It was probably the single best support experience I have had in my 25 years in the IT industry. The Support Engineer who answered the phone was the same person who solved the problem, and he did it immediately on that very first phone call. This is truly an exception in today??s marketplace, where the usual support experience means needing to talk to three different people before you get any kind of resolution. I will renew our Clearswift support subscription with a very light heart next year, and that's the first time in my career that I think I have ever felt that way about paying for annual support." Source:*7-support-as-standard

Clearswifts *Web 2.0 in the Workplace* report launched

News from Clearswift

Clearswift, the software security company, has unveiled new research outlining the latest business adoption of social media. The global report shows a startling change compared to three years ago. Research undertaken by Clearswift in 2007, found that just 11% of businesses were making use of Web 2.0 technologies such as Facebook and Three years on, the latest figures show over two-thirds of companies are allowing the use of web collaboration or social media tools in the workplace. The research includes evidence of positive steps by businesses to adopt social media across the global workplace with US companies leading the way, followed by Germany, the UK and Australia. More than half of managers surveyed believe that web collaboration technology is now *critical* to the future success of their business. Employee experience: Almost a third (28%) of employees say there is an expectation to maintain a social media presence for work purposes. Productivity: Despite concerns regarding employees wasting time, the majority (60%) of managers trust employees to use these resources responsibly; however 25% of employees have sent content via email and social networks that they regretted. Barriers to adoption: Barriers to adoption of social media have shifted from productivity to focus on security, with 61% of global businesses citing this as their main concern. 51% of managers feel that employees are *oblivious* to security concerns when using web and email technology. Richard Turner, Clearswift's Chief Executive, commented: "Today's research shows evidence of a change in attitude and confidence when it comes to Web 2.0 in the workplace ?? from the *stop and block* mentality that many businesses adopted in previous years to an appreciation that Web 2.0 is good for business and should be implemented more fully." "There's still progress to be made, however, and clearly security is an issue that many businesses are not yet comfortable with, but the picture today is a vast improvement on three years ago." Source:

CompanyCRYPT awarded with the Innovation prize 2005 in the category IT security

News item

CompanyCRYPT was awarded the innovation prize 2005 of the ??Initiative Middle Class Business?? in the category IT-security. HANOVER, 20. May 2005 - CompanyCRYPT was assigned the innovation prize 2005 of the ?? Initiative Middle Class Business?? in the category IT-security. The jury, consisting of members of ?? Initiative Middle Class Business?? and of the ??Huber Verlag for new media?? evaluated this product to be ??one of the most innovative and most interesting solutions for the middle class business?. CompanyCRYPT V1.1 is a server based solution, that enables a content inspection of eMails by virus scanner and spam filter, even if they are encrypted. The solution was developed to enable confidential email exchange between companies and their external partner, customer and supplier across the insecure internet.Confidential eMails send by the internal user are encrypted centrally by CompanyCRYPT without need for interaction with the end user and fully compliant with legal obligations. Besides the personal signing and encryption of eMails the gateway also allows the signing with a company key, much like an internal post office.This email solution supports the two major encryption methods PGP and S/MIME as a plug-in for the content security product "MIMEsweeper for SMTP" V5. No rollout of new client software or user training is necessary, neither are any changes to the client systems required.[il]??We are really delighted over the award of the innovation prize 2005 in the category IT-security. This award especially shows us, that user friendly solutions for security, confidentiality and integrity have become more and more important application for the middle class business.", commented Juergen Schneider-Jansohn, managing developer of CompanyCRYPT. More information about the innovation prize 2005 at

CompanyCRYPT compliant with the new OpenPGP standard (RFC-4880)

News from Secure Internet Traffic

The new OpenPGP standard has been published. It was assigned RFC number 4880. *It is a revision of RFC 2440* In terms of GnuPG, we're almost completely compliant to it already as GnuPG was updated as the various drafts of the standard were discussed. Through the integration of the most current version of GnuPG, CompanyCRYPT is completely compatible to the new OpenPGP standard. Further information to the new RFC: OpenPGP standard and GnuPG:  

CompanyCRYPT for the CeBIT innovation-prize 2005

Press report

CompanyCRYPT for the CeBIT innovations-prize 2005 Hanover, 02.03.2005 - On the occasion of the CeBIT fair the ??Initiative Middle Class Business? awards their ??Innovation-prize?? endowed with 50,000 Euro for the second time. This award is addressed to companies of the which present themselves with the best and most interesting products for middle class business. The focus lies on functionality an benefit. The IT service provider netFORMAT GmbH participates with their centralized solution for confidential eMail traffic CompanyCRYPT.CompanyCRYPT V1.1 is a server based solution, that enables a content inspection of eMails by virus scanner and spam filter, even if they are encrypted. The solution was developed to enable confidential email exchange between companies and their external partner, customer and supplier across the insecure internet.Confidential eMails send by the internal user are encrypted centrally by CompanyCRYPT without need for interaction with the end user and fully compliant with legal obligations. Besides the personal signing and encryption of eMails the gateway also allows the signing with a company key, much like an internal post office.This email solution supports the two major encryption methods PGP and S/MIME as a plug-in for the content security product "MIMEsweeper for SMTP" V5. No rollout of new client software or user training is necessary, neither are any changes to the client systems required. netFORMAT presents CompanyCRYPT on the Clearswift stand in hall 7, stand A37. Mor information are available at .The innovation prize middle class business had already been awarded by the ??Bundesverband mittelständische Wirtschaft (BVMW)?? in 2004 during the CeBIT fair with great success. Around 500 companies applied online for this award, which is the first of its kind in the history of CeBIT. This years winner will be selected by Huber Verlag for new Media and announced on the 16th of March 2005 at 10 o??clock on the homepage of the ??Initiative Middle Class Business?.

CompanyCRYPT is continued by S.I.T. Secure Internet Traffic

News about S.I.T. Secure Internet Traffic

Development and sales of CompanyCRYPT will be continued from 1st of June 2005 by S.I.T. Secure Internet Traffic GmbH & Co.KG. HANOVER, 01. Juni 2005 - The business area of content technology within netFORMAT Ltd. will be continued in autonomous structure beginning 1st of June 2005.The S.I.T. Secure Internet Traffic GmbH & Co KG located in Hanover will continue to develop, merchandise and support CompanyCRYPT with same team that has successfully done that in the past. By completely focusing on content security and the development of the awarded eMail encryption solution CompanyCRYPT all customers will benefit from the increased innovative capabilities.Location S.I.T. has it??s office on the west-side of the Expo Plaza, the most attractive area of the world exhibition right in front of worlds largest High-Tech- and industry fairs CeBIT and HANNOVE FAIR.Service and supportS.I.T. will carry on continuously with the well known service and support in the area of content security. Your familiar consultants, which now belong to the S.I.T. team, will continue to be at your service with well known competence. All service and maintenance contracts in regard to CompanyCRYPT and products of the area of content security will be served by S.I.T. netFORMAT Ltd. will continue to offer their spectrum of consultancy and service providing in the business areas of High-speed-networking and Network-management at the locations Hanover and Chemnitz. S.I.T. will maintain the close business relationship on a partnership level.

CompanyCRYPT is not affected by GnuPG Buffer Overflow

News from Secure Internet Traffic

While fixing a bug a buffer overflow has been identified in all released GnuPG versions. The current versions 1.4.5 and 2.0.0 are affected.When running GnuPG interactively, special crafted messages may be used to crash gpg or gpg2. Running gpg in batch mode, as done by all software using gpg as a backend (e.g. mailers or CompanyCRYPT), is not affected by this bug.Exploiting this overflow seems to be possible.CompanyCRYPT is not affected by this GnuPG bug.

CompanyCRYPT makes key server obsolete with ??MIKE??

Press release from S.I.T. Secure Internet Traffic

New version of the eMail encryption module CompanyCRYPT makes key server obsolete with ??MIKE" HANOVER, 28.07.2005 - The software developer S.I.T. Secure Internet Traffic presents the newest version of their central eMail encryption solution CompanyCRYPT. CompanyCRYPT v1.1.7 is a server based solution, that enables a content inspection of eMails by virus scanner and spam filter, even if they are encrypted.Besides the personal signing and encryption of eMails the gateway also allows the signing with a company key, much like an internal post office. And thanks to the new straightforward technique of the ??Mail Initiated Key Exchange" (MIKE) the required public keys can now be exchanged easily without the need for a key server. S.I.T. utilises an automatic exchange pattern, that can be started with a simple unformatted email from the external partner. No administrator nor end user need to interact here.The CompanyCRYPT installation routine has been extremely shortened and simplified. The product integrates itself now fully automatic into the Clearswift content security product "MIMEsweeper for SMTP". Frank Brandenburg, CEO Clearswift GmbH welcomed this extension by S.I.T.: ??Where our content scanner had to fish in shallow water, because what is invisible cannot be scanned, there is now brought light to the darkness.?By the complete integration into the CS MIMESweeper customers don??t have to invest in new hardware for their encryption solution. Especially high-availability environments benefit from this. All redundancy and backup measures remain unchanged causing absolutely no extra costs. The administrative GUI of CompanyCRYPT V1.1.7 has been optimised once again and is now filled with more functions and an improved usability.More information at .

CompanyCRYPT, the encryption module for Clearswift MIMEsweeper, has been awarded again.

Press release of S.I.T. Secure Internet Traffic

HANOVER, 12th April 2006 - S.I.T. Secure Internet Traffic, developer for content security software in Hanover (Germany), has been awarded for the second time with the 'Innovation prize 2006' in the category IT security by the 'Initiative middle class business'. The security solution provider received this award for the central eMail encryption solution "CompanyCRYPT".CompanyCRYPT is a server based solution that enables centralized anti-virus and anti-spam checking even on encrypted eMails.Besides the personal signing and encryption of eMails CompanyCRYPT also allows the signing with a company key, much like an internal post office. And thanks to the new straightforward technique of "Mail Initiated Key Exchange" (MIKE) the required public keys can now be exchanged easily without the need for a key server. S.I.T. utilises an automatic exchange pattern, that can be started with a simple unformatted email from the external partner. No administrator nor end user need to interact here.By the complete integration into the Clearswift content security product 'MIMESweeper for SMTP' customers don??t have to invest in new hardware for their encryption solution. Especially high-availability environments benefit from this. All redundancy and backup measures remain unchanged causing absolutely no extra costs.Frank Brandenburg, CEO Clearswift GmbH welcomed this extension by S.I.T.: "Where our content scanner had to fish in shallow water, because what is invisible cannot be scanned, there is now brought light to the darkness."All details about the 'Innovation prize 2006' are available at

Encryption of Internet data communication is top priority

News from

Encryption of Internet data communication is top priority Close to 70% of companies intend to have respective projects either completed or in progress by the end of 2007. As regards IT security in companies, the encryption of data communication via the Internet (VPN) and laptop data security take top priority among German companies. 69.2% of the companies consider the encryption of data communication via the Internet to be the most urgent requirement, closely followed by laptop data security (68.2%). Hence, by the end of 2007, 67.9% of the companies intend to have respective data communication encryption projects either completed or in progress. In addition, 6.1% stated that respective projects are at least at the planning stage. This is the result of the ??Sicherheitscheck 2007?? study carried out by secunet Security Networks AG, Essen, among 1,139 IT decision-makers in various sectors in October 2006. Over half of the surveyed companies also accorded high importance to central authorisation management (57.6 percent), e-mail encryption (57.5 percent) and securing web portals (56.8 percent). However, only 49.7 percent of the surveyed IT decision-makers saw a need for urgent to very urgent action in the field of intrusion detection systems, only 37.4 percent in public key infrastructure, only 35.6 percent in information security management systems, only 33 percent in single sign-on, only 26.2 percent in thin client architectures and only 24.9 percent in PIM push services. Decision-makers considered multifunctional corporate ID cards to be the least relevant area. Only 16.8 percent of the companies think there is a need for action in this field although such solutions increase process dynamics, security and efficiency in the company as well as reducing administrative expenses. Article on ... Study 'Sicherheitscheck 2007' (german language)

F.B.I. Gained Unauthorized Access to E-Mail

News from The New York Times

WASHINGTON ?? A technical glitch gave the F.B.I. access to the e-mail messages from an entire computer network ?? perhaps hundreds of accounts or more ?? instead of simply the lone e-mail address that was approved by a secret intelligence court as part of a national security investigation, according to an internal report of the 2006 episode. F.B.I. officials blamed an ??apparent miscommunication? with the unnamed Internet provider, which mistakenly turned over all the e-mail from a small e-mail domain for which it served as host. The records were ultimately destroyed, officials said. Bureau officials noticed a ??surge? in the e-mail activity they were monitoring and realized that the provider had mistakenly set its filtering equipment to trap far more data than a judge had actually authorized. Source:  

MIMEsweeper for SMTP 5.3 released

News from Clearswift

Clearswift upgrades MIMEsweeper for SMTP to boost Data Loss Prevention (DLP) capabilities Version 5.3 also sees introduction of support for Microsoft Office 2007 & OpenOffice formats Clearswift has released a new version of its advanced content security tool, MIMEsweeper for SMTP, to strengthen organisations?? Data Loss Prevention capabilities. Data Loss Prevention MIMEsweeper solutions have traditionally been used by companies wishing to control the content of outgoing emails. This new version sees the introduction of yet more features designed to help enterprises deal with their ever increasing DLP concerns. MIMEsweeper for SMTP is now able to deconstruct and selectively inspect document properties (metadata), along with their headers, footers and body-text for pre-defined keywords or phrases. For example, companies will now be able to choose to block any document containing the words ??Company Confidential? in the footer, and only allow documents stating ??Approved Template? in the metadata properties, to leave the network. The MIMEsweeper for SMTP content engine now also recognises data such as PCI (credit card) and PII (National Insurance) and hundreds of other forms of protected document tags, including watermarks. System Management Enhancements Clearswift has also added several features that will benefit large organisations running complex environments. Customer feedback has led to the introduction of a multi-domain management feature, which will support customers running thousands of users across multiple domains, as well as those organisations undergoing mergers or acquisitions. MIMEsweeper for SMTP 5.3 key new features: New media types supported ? Office 2007 ?? Word, Excel, PowerPoint ? OpenOffice ?? Writer, Calc, Impress ? Detection of ALSI, NEC Infocage and PointSec encrypted file types ? Multimedia ?? Flash, Google video, Ogg Vorbis, 3GP, FLAC, Monkeys audio ? Images ?? IGES Initial Graphics Exchange Specification and DWF Autodesk AutoCAD Data leak prevention ? Lexical templates for PCI Credit Card numbers ? PII (Personal Identifiable Information) ? Increased performance for multiple item and regular expression searches ? Pre-defined HIPAA, SEC and SOX lists ? Selectable scanning of headers, footers and bodies System Management ? Restrict operators to view one or more domains and no others in multi-domain environments ?? supports up to 1200 domains on a single configuration and extends to Message Area Management and Reporting functions ? Deeper integration of Edge Server into the Message Center and System Health PMM enhancements ? PMM support for Public Folders and Windows Groups ? Increased language localisation adding Swedish, Russian, Polish, Slovenian, Czech, Greek, Dutch and Danish Environmental enhancements ? EXCHANGEmanager interceptors to support Microsoft Exchange 2007 ? Windows SQL authentication support ? Compatibility with Windows Server 2008 ? Client tools compatibility with Vista Business Edition Source:  

NETFOX - Security Day (17. November 2005)

News from S.I.T. Secure Internet Traffic

Security- and management solutions for your electronic business communication. Modern data processing in electronic business communication keeps pushing the requirements on security.Representatives of Microdasys, Clearswift, Netfox and Secure Internet Traffic will update you on these topics: ? Exchanging confidential and vital business information in a secure manner ? Protection mechanism for daily internet usage ? Legal obligations and internal requirements for IT communication Mr. Schneider-Jansohn, consultant for content security, will hold a presentation on 'secured eMail communication' and share his experience with implementing centralised encryption solutions.The event will take place on the 17th of November 2005, 9:15 until 16:30 at the 'Technikum ,AquaRotter GmbH' , Parkstraße 1-5, 14974 LudwigsfeldeMore information is available at

New telephone contacs for customers and partner

New telephone extensions for customers and partner The following telephone contacts are now available for our customers and partners: Sales: +49 (0) 5 11-8 99 9710 Service: +49 (0) 5 11-8 99 97 11 Fax: +49 (0) 5 11-8 99 97 12 You will also find all or contact information on our homepage.

New Version of CompanyCRYPT on the Market - The Key to Confidential E-mail Exchange

News from Secure Internet Traffic

Version 1.3 with optimised integration in Clearswift MIMEsweeper Hanover, 23rd February 2007 - S.I.T. Secure Internet Traffic has launched the new version 1.3 of its software-module CompanyCRYPT. This new version offers numerous extended functionalities along with several improvements. CompanyCRYPT was specifically designed as a module that integrates itself automatically in the leading content-security solution on the market: ??MIMEsweeper for SMTP? by Clearswift. CompanyCRYPT extends the abilities of the ??MIMEsweeper for SMPT? by email-encryption and digital signatures. This integration has been taken another step further in version 1.3. More and more, especially business related e-mails, contain confidential and personal data. Solutions are needed, to ensure that these don??t fall into the wrong hands and also to verify the authenticity of documents. Solutions that ensure encryption and compliance with legal requirements. CompanyCRYPT by S.I.T. Secure Internet Traffic guarantees all that. The most outstanding improvement of version 1.3 is the ability to encrypt emails not only with PGP and S/MIME but also ad hoc. ??With the Ad Hoc encryption we provide a secure and yet easy to use method which allows to spontaneously send encrypted messages to just any recipient. This finally makes the protection of confidentiality feasible?, stated by Birk Zscheppank, Managing Director of S.I.T. Secure Internet Traffic. Additionally version 1.3 opens functionalities to the end user that allow the individual control of encryption and the digital signature. If needed the user can choose whether and how the email should be protected. By the use of control words instructions are passed to MIMEsweeper. From now on the gateway also offers an extended automatic verification of digital email-signatures by the use of certificates from certification authorities, even up to the verification of complete certificate chains. With version 1.3 CompanyCRYPT also supports the current use of S/MIME v3- characteristics in separate certificates. The support of French as the third language option, extensive internal improvements and some bug fixes as well as numerous refinements in the administrative interface top off the latest version of CompanyCRYPT. ??With v1.3 we took a big step forward. We have advanced CompanyCRYPT to an encryption solution which completely integrates into MIMEsweeper. Through the improved functions the module is now ready for automatic operation and flexible deployment for businesses in any size?, explains Birk Zscheppank. CompanyCRYPT has been developed to enable companies to exchange confidential eMails with external business partners, customers or suppliers via the internet. The emails of the employees are automatically encrypted without any extra effort and delivered in compliance with legal obligations. Besides a personalised email-signature, a message can alternatively be signed with a company key similar to an internal postal office. The integration of CompanyCRYPT into the ??MIMEsweeper for SMTP? involves a minimum of effort only. There is no investment in additional hardware necessary. The existing infrastructure remains unchanged and the whole administration is kept centralised. The end user does not need any additional training. Article on ...

Relaunch of the CompanyCRYPT homepage of S.I.T.

News item from S.I.T. Secure Internet Traffic

CompanyCRYPT is now being presented on a new internet homepage. HANOVER, 07. Juli 2005 - S.I.T. has remodelled their internet presentation. After a two months of redesigning the new homepage presents itself with friendly and more colourful layout.On this new company presentation visitors will find the latest information about the S.I.T. spectrum of service and consultancy and of course about the automatic eMail encryption with CompanyCRYPT. Besides the latest product information you will also find the sign-in option for the free of charge webinars. As part of this live demonstration in which you can see for yourself how easy the products works, you are welcome to ask the system specialists>We hope you enjoy our new company presentation and welcome any feedback.

S.I.T. Secure Internet Traffic and the email encryption specialist CompanyCRYPT on the SYSTEMS 2005

Press release of S.I.T. Secure Internet Traffic

Release of new version 1.2 of the encryption software for Clearswifts MIMEsweeper on the SYSTEMS 2005 fair in Munich. S.I.T. Secure Internet Traffic presents the latest version update of ComanyCRYPT, the server based eMail encryption solution for the Clearswift MIMEsweeper. Version 1.2 now fully supports the clustering abilities of 'the No 1 in content security'. It also offers a new automatic key generation feature that is controlled by a reference list derived from the internal groupware. As an additional system security feature, the complete system backup and restore functions are now available via the management GUI. "S.I.T. will show the full potential of CompanyCRYPT, the central solution for eMail encryption, on the SYSTEMS 2005", stated by Birk Zscheppank, Managing director of S.I.T. Secure Internet Traffic. "Together with our partner Clearswift we provide maximum security for minimum effort. From the 24th to the 28th of October everyone can experience the uniqueness of CompanyCRYPT." CompanyCRYPT v1.2 is a server based solution, which allows content inspection of eMails by Anti-Virus and Anti-Spam measures even on encrypted eMails. It has been developed to enable companies to exchange confidential eMails via the internet with partners, customers or suppliers in a trustworthy and still protected way. With CompanyCRYPT confidential eMails are centrally encrypted and delivered fully compliant with legal obligations for every employee. Besides a personal signing, a message can alternatively signed by a company key similar to an internal postal office.By supporting the two most accredited methods PGP and S/MIME and being a plug-in for the content security product "MIMEsweeper for SMTP" V5, this eMail solution covers 100% of the market.

SC Award for Best Content Security for Clearswift SECURE Gateways

News from Secure Internet Traffic

Clearswift scoops 'Best Content Security' prize at European industry awards Clearswift has been awarded one of the security industry??s top honours this week, collecting the 'Best Content Security' trophy at the 2010 SC Magazine Awards. Speaking after the ceremony, Clearswift Chief Executive, Richard Turner, said: "For any business, an award from your own sector or industry is generally the most rewarding. Formal recognition that your industry peers see the value in your product is incredibly satisfying. We're also particularly proud that the award recognised the value a unified web and email security solution delivers." By choosing Clearswift content security customers are investing in a fully integrated web and email security solution. A solution that, regardless of market sector, offers the flexibility to create content policies that allow the full exploitation of Web 2.0 and email communications to fit their individual risk requirements. Richard Turner continues: "It's also great validation of Clearswift??s strategy; there is growing support for our positive approach to security against the backdrop of an industry which remains focused on an outdated, negative 'stop and block' philosophy." Source: The full list of nominees and winners can be found here:

Security in the eMail architecture

Presse release

eMail solution combines encryption, content scan and anti virus technology Hanover, 27.02.03 - The IT service provider netFORMAT has developed a central eMail solution as part of a project in which combines the functionalities encryption, content-scan and virus-scan. With this solution the vendor centres on companies, that want to safeguard their internet eMail traffic to external partner an customers. The support for the mainstream standards PGP and S/MIME enables the automatic de- and encryption with common eMail software. By the integration of the content scan and the anti virus technology the content inspection for viruses and unwanted content can be applied upon the complete eMail traffic.Opposing the 'classic' approach the de- and encryption is not done on the client desktop PC, instead it is processed completely automatic on the central eMail server. Therefor no modifications to the client systems are necessary and the end user does not have to deal with the complicated encryption matter.The PGP encryption is currently based on the software product "PGP-eBusiness-Server" and is installed on the separate central server. This is less licence const intensive compared to an integration in the existing infrastructure server. The content scanning and the S/MIME functionality are realised with the product MAILsweeper and it's plug-In "SECRETsweeper". MAILsweeper and PGP-eBusiness-Servers are combined to achieve an automatic detection on the type of incoming encryption.The solution is windows based and is able to utilize self generated certificates as well as certificates issued by Certification Authorities (CAs). It also can be integrated in PKI systems (PKI - Public Key Infrastructure).The field of application for this netFORMAT solution is easy to describe: Two key pairs S/MIME and (Open) PGP are generated for the internal end user. The external partner chooses his preferred method, the system automatically detects the method and decrypts the content. For every encryption the key of the recipient is needed. Recipient and sender receive a confirmation each, about the status of (de-) encryption. Outgoing eMails are encrypted after content inspection, incoming eMails are decrypted before.The de- and encryption in both direction is single layer. Does the email still contain encrypted parts after the process, then it will be rejected at the content inspection, isolated and the recipient/sender will be informed. Just like virus detection are treated. Upon outgoing virus detection, additionally the administrator is informed to isolate the 'in-house' virus. Extensively large eMails will be 'parked' and on some occasions forwarded after regular work time.

SIT in a new office

News from Secure Internet Traffic

In the late February we moved to a new office. Our office is now in an old villa on the first floor. The new address is: S.I.T. Secure Internet Traffic Kaiser-Wilhelm-Str. 9 30559 Hannover Phone numbers and email addresses are the same as before ;-) Your team of Secure Internet Traffic

Symposium IsSec/ZertiFA 2004 (06.-07.12.2004)

News item from netFORMAT GmbH

Infrastructures of IT data protection and IT security put to the test.Mr. Schneider-Jansohn, consultant for content security, will give a lecture on ??eMail content security despite encryption?? on this event. He will also pass on his experiences while implementing central encryption solutions Main topics that will be discussed during this symposium: CERTs: more than the internet fire brigade Trusted Computing: Chances, risiks and status quo Legal requirements for the IT-securityThe new law concerning illegal advertisement (UWG): Can spam be fought with legal measures? Identity management: The Liberty Alliance approach Mobile devices as the backdoor to the company network IT-security as a factor of competition and success eMail-content-security despite encryption?! Current approaches concerning the basic IT security Field report: BS 7799-certificationData security audit Field report concerning data security cachets IT-security cachets comparison The D21-Initiative reflecting about a cachetDecember 2004 in the hotel The Ritz-Carlton, Berlin. More information:  

UK terror law change kicks in

News from

Animal rights activist hit with RIPA key decrypt demandAn animal rights activist has been ordered to hand over her encryption keys to the authorities. Section Three of the Regulation of Investigatory Powers Act (RIPA) came into force at the start in October 2007, seven years after the original legislation passed through parliament. Intended primarily to deal with terror suspects, it allows police to demand encryption keys or provide a clear text transcript of encrypted text. Failure to comply can result in up to two years imprisonment for cases not involving national security, or five years for terrorism offences and the like. Orders can be made to turn over data months or even years old. The contentious measure, introduced after years of consultation, was sold to Parliament as a necessary tool for law enforcement in the fight against organised crime and terrorism. But an animal rights activist is one of the first people at the receiving end of a notice to give up encryption keys. Her computer was seized by police in May, and she has been given 12 days to hand over a pass-phrase to unlock encrypted data held on the drive - or face the consequences. The woman, who claims to have not used encryption, relates her experiences in an anonymous posting on Indymedia. Source: offers help on legal questions concerning content security solutions

Press release by Clearswift

Clearswift is right! (Translated from German ?) offers help on legal questions concerning content security solutions | Launched on the CeBIT on the 10th of March 2005 Hamburg, 24.02.2005 - Online beginning 10th of March: With Clearswift is the first vendor of content security solutions, that additionally to their technical expertise, is going to offer customer and partners a complete source of information about the legal facts around implementing security software.Companies are becoming more and more aware of the necessity of using content security software. This assumption is supported by conversations between the Clearswift team and customer and partner in the last years, as well as extensive studies and surveys, like the IDC study ' Worldwide Secure Content Management 2004-2008'. One aspect however moves in the foreground: There is a vast need for information concerning legal aspects.Since Clearswift, as a specialist for content security solutions, is not intending or allowed to offer any legal consultancy services in the internet, it was decided to establish a information pool. Beginning 10th of March anyone interested can give himself an overview about his rights and obligations, problems an possible solutions on Decision maker on management and IT level will find along with recent cases, white paper, articles, guidelines and check lists for planning their content security activities. Works councils and affected employees will find information about their rights and responsibilities and the evolving solutions."We claim from ourselves to inform and support our customers in every phase of implementation or operation of our content security systems to the best of our ability", stated by Michael Scheffler, Regional Manager Central & Eastern Europe of Clearswift GmbH, Germany. "With we actually close in on this claim and helps us to even better support our users to get and implement a content security system." is just the beginning of an extensive information package, put together by Clearswift for their customers. Right after the CeBIT, 'Business Brunches' will take place in Hamburg Cologne and Munich, in which Clearswift customers are offered the opportunity to inform themselves about legal aspects around content security, ask questions to legal experts and exchange valuable practical experience in mutual conversations.

Letzte Änderung: 24.05.2018, Product of Interest: