The key to success for many businesses is to be able to receive and respond to information as fast as possible. With huge sums of money at stake and with stiff competition that never sleeps, blinking at screens all over the globe, the reinsurance market is a particularly good example of this.
When the chairman of Lloyd's handed over the award for International Reinsurance Broker of the Year to Benfield Greig in September last year, tribute was paid to the role that information technology played winning the achievement.
However, when the “I love you” virus struck the company a few months later, life looked a lot less rosy and everything seemed under threat.
Benfield Greig had been formed less than two years previously through the merger of two independent broking firms, The Benfield Group and Greig Fester. The IT infrastucture was one of the company's top priorities and in less than two months, it had integrated the computer systems of both companies, with all 15 offices worldwide linked through a company intranet.
Last August, it added a bespoke account management system to its existing software, allowing all activities for every customer to be entered on to a single central database. Customers then obtained password-controlled access to Benfield Greig's extranet so that they could view the status of premiums and claims.
Not surprisingly, risk analysis and peril modelling has also been a key feature of investment since the merger.
Imagine, therefore, the icy sense of horror that gripped Benfield Greig when the Love Bug virus penetrated the company's defences. In common with many other businesses, we immediately set about a high-priority search for better protection for our vital assets.
What was needed was a solution that would allow us to scan all internet email traffic to and from the internal email system and block messages based on a particular rule set. In addition, it was thought necessary to be able to append a disclaimer(s) to outbound messages, according to sender, and to have the ability to route messages to different gateways based on destination domain name.
Three solutions – Mailmarshall, Mailsweeper and Mailguard – were evaluated by installing each product in the live environment and using it for approximately four weeks.
At the end of the evaluation period we zeroed in on the Mailguard solution, which was developed by UK-based Net-Tel Computer Systems.
Among the key features that stood out were excellent support, ease of set-up, reliability and the GUI configuration programme. Now, all messages containing executable attachments are blocked before they reach our internal system. This has also had the effect of blocking messages containing flash animations, games, etc. which are mainly of a non-business nature. We are also considering blocking avi, mpeg, wav, and a number of other files.
We took out a Global-user license for the Mailguard SMTP product and invested in three policy engines, installed in the UK, US and Australia.
This system allows an organisation to define, refine and enforce its email security policy using just one application. Through a groundbreaking visual policy editor, it simplifies the daunting task of creating and enforcing an email policy.
The task of monitoring email is made simple by a powerful keyword and phrase search engine. Uniquely, Mailguard SMTP can spot words and phrases even if they are misspelt, have endings such as “ed” and “ing” or use “sound-alike” spelling.
Mailguard SMTP provides boundary protection wherever an organisation has a “trust gap” – between the corporate intranet and the internet, for example. It operates as a “proxy” server intercepting and examining messaging traffic, under the direction of the Guardroom policy configuration and management tool.
The Mailguard engine takes apart individual messages, breaking them down into their most basic elements before passing the exposed content to a range of filter mechanisms, including virus-scanning. The filters provide control over content, access, sensitivity and resource.
Content control inspects what is being exchanged – scanning for viruses, screening documents by type, filtering macro-laden documents, checking for inappropriate text and blocking spam and spoofed messages. Access control authorises who can send to whom, controlling by domain, group or user to fit the working practices of the organisation. Sensitivity control directs the release of classified information and resource control regulates the usage of messaging bandwidth.
A range of actions can be taken by Mailguard SMTP, including blocking or quarantining messages, removing attachments, adding annotations, as well as providing archiving and auditing.
The nature of the insurance market is such that the speed and performance of email messaging is of paramount importance. The functionality of Mailguard SMTP allows us to avoid a similar attack of the “I love you” virus.
Military men often emphasise the importance of maintaining control of vital information and communication systems – which is what led Nato to adopt the Mailguard SMTP solution too.
Like Nato, Benfield Greig also understands the vital need to access your information at all times and to be able to communicate and act swiftly.