Websense is a global leader in integrated Web, data and e-mail security solutions that gives users up-to-date protection from unwanted content and malicious threats.

Its Security Labs uses the patent-pending Websense ThreatSeeker Network to discover, classify, and monitor global Internet threats and trends.

To create the ThreatSeeker Network, Websense augmented its expertise with organically developed and acquired email security, hosted security, and data loss prevention technologies from SurfControl and Port Authority. The company then added dedicated content and email security specialists to the Websense Security Labs team of researchers and the result is a network of technology and human intelligence that creates an adaptive feedback network that uses more than 50 million real-time data collecting systems to go through one billion pieces of content daily. The TheatSeeker Network feeds this security “intelligence” to Websense Web, email and data security solutions and provides its customers with advanced content classification, data identification, and security filtering available to mitigate risks to customer data and productivity.

Adding to this, Defensio and its technology, an acquisition Websense made in Jan 09, has been integrated into the Threatseeker Network, which among other things, greatly enhances the company’s ability to detect and protect against threats occurring in blogs. Then there is Websense PreciseID process, which works through a series of automated processes to create a fingerprint library and checks messages for sensitive content in real time. The system uses a compact and faithful numerical representation of the information and supports multiple types of fingerprints for various information objects and business needs.

The company also offers a relevant measure of similarity from the business perspective to ascertain the uniqueness of content. Unlike commodity filtering solutions that rely on basic URL filters, outdated signature-based antivirus systems and costly intrusion-prevention systems, Websense offers an approach that delivers real-time reputation analysis and expanded behavioral analysis to provide customers with the most accurate protection available.

Asian e-Marketing got a chance to talk to Mr. Andy Lake, general manager, Security SaaS, Asia Pacific of Websense Inc. on their security services. And he told us his view of the situation by emphasizing: “Spam and phishing attacks have evolved in their sophistication over the recent years. They are far more targeted and converged with web based threats and data stealing code. These days the emails do not contain viral code but instead contain links to web sites that download the malware – 39% of which relate to data stealing codes. These website are no longer just sites created by the perpetrators, but now are also compromised sites that have a good reputation. In fact, 70% of the top 100 websites have at some stage been associated with malicious activity and 77% of the sites that host malicious content are compromised legitimate sites. This convergence of email threats with web security and data loss now mean that a converged defense is required. This is along with, of course, education and awareness for users and good practice within IT departments.”

Websense software-as-a-service (SaaS) email security integrates best-in-class Web security and data security technology, with email security to achieve more visibility into emerging threats and one of the highest levels of protection from inbound and outbound email security risks. Referred to as an easy-to-manage service, it provides protection against spam, viruses, spyware, phishing and converged email and Web threats with SLA-backed detection rates of 99% for spam and 100% for known viruses. Pre-defined content dictionaries make it simpler to enforce email acceptable user policies, prevent data loss and meet regulatory requirements. With Websense, customers gain greater mission-critical email security, while enabling a more consolidated security.

Asked about what he expects to be the key trends in email communications that affect security most in the next few years he says: “One thing we know is that email continues to become an increasingly mission critical application for business. From a security perspective, we are seeing companies becoming increasingly aware of the “outbound risks” faced by a company rather than just the traditional “inbound threats” (virus, spam, phishing etc). By outbound risks I mean such things as confidentiality of email content, intellectual property and brand protection, through avoiding data loss or inappropriate usage and to compliance to various regulatory requirements. Studies have shown that a large proportion of a company’s intellectual property resides in their email system – yet many organizations do little to protect this. We have also noticed that the more senior they are in an organization the more they are concerned about these “outbound risks” as they are potentially the most damaging to a business.”

Nobody can deny the fact that security measures have to evolve at the same pace and hand-in-hand with IT innovations. As businesses face “modern threats” and more sophisticated attacks on a daily basis, more should be invested in protection - in a context of overall risk, Return On Security Investment (ROSI) and total cost of ownership (TCO) of a solution. In conjunction with good policy and education, a security solution needs to provide protection against these modern threats at the lowest TCO and that’s exactly what Websense tries to achieve. In today’s environment, this includes protection from converged threats Enter the company’s Threatseeker Network security architecture for e.g., which is a combination of SaaS and on premise security, and has a unified ability to control, manage and report not just on email security but also on web security and data loss. All this can be achieved by Websense via their Triton, the first security architecture that integrates enterprise-class data loss prevention (DLP) technology into Web security gateway and email security solutions.

"We have been pursuing this unified content security strategy with relentless focus since early 2007 by developing, acquiring and integrating our industry-leading Web, email and data security technologies and expanding our ThreatSeeker content analysis and threat detection capabilities," says Websense president John McCormack. "All this was done not so we could simply offer SaaS versions of our security products as some other vendors do, but so we could pave the way to the future of enterprise security by combining the power of on-premise, real-time content security with the ease of management and lower total cost of ownership provided by SaaS solutions. Above all, Triton provides Websense customers the best protection against modern threats at a lower total cost of ownership."

The Websense Triton solution is currently available to qualified organizations as part of an early adopter program. It is planned to reach full general availability for upgrade and purchase in April 2010.

By Daniela La Marca