SurfControl, a Web and email-filtering company, announced the release of a white paper that urges organizations to layer security to ensure network integrity and to keep sensitive and proprietary information confidential. The paper, "Beyond The Firewall: Using a Layered Security Strategy to Deal With Internal Security Threats," is written by security practitioner Jack McCullough, author of the book, "Access Denied: The Complete guide to Protecting Your Business Online."  <?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />

The paper discusses threats and concerns that companies encounter as their networks grow in complexity. A layered approach is beneficial because products tend to be semi-specialized, and to build a more secure network you must use many products. In addition, businesses often overlook the threat of company insiders who might jeopardize security with as little as an email message.

"Perhaps the most overlooked threat in a security program is the threat posed by employee behavior," McCullough writes. "As much as 80 percent of security compromises are the result of actions by an insider. Whether incidents are due to malicious intent or inadvertent employee error, the result is the same: loss of revenue, productivity, and potential liability." McCullough also said that, "even when an acceptable use policy (AUP) is in place, administrators often lack the means to enforce it. Filtering technology enables management to enforce security policies, privacy policies, and AUPs while managing staff productivity and minimizing wasted network bandwidth."

Coinciding with the white paper's release, SurfControl is sponsoring a free Internet seminar on email content scanning, filtering, and the handling of malicious code. The seminar will take place Wednesday, May 22, at 2:00 P.M. Eastern Time and will feature a presentation by SurfControl Product Manager Paris Trudeau. Visit the SurfControl Web site for more information about the seminar and to obtain a copy of the white paper.