Privacy and Messaging through Postini

Postini is Google’s 2006 acquisition for secure messaging, and a direct competitor to IronPort. All of their offerings surround Software As A Service (SAAS), matching directly with Google’s overall technology strategy. They provide several services, including web security, anti-spam/malware, mail filtering, and archival with indexing. The Data Leakage Prevention capabilities provide privacy protections through outbound communication filters. Additionally, there are management tools and continuity procedures appropriate for enterprise use.

Postini’s background technology stems from threat assessment and message parsing capabilities, grown through several years as a primary mail provider. There are two major patents, with a variety of claims following each one. The first patent surrounds on-demand message scanning and routing. The geographically distributed Postini data centers proxy all communications (corporate, wired, wireless, portal, etc) and filter the communications appropriately, removing viruses, spam etc. The second patent centers on threat detection and control, and methods for generating and processing a sender/ISP/country’s reputation and then acting accordingly.

The technology doesn’t seem that revolutionary today, and the online documentation frequently references the existence of prior art not mentioned in the patents. However, from a security perspective, the techniques Postini uses are sound. Communications between Postini and corporate mail servers are TLS encrypted. This allows additional features for Data Leakage Prevention by both companies. The Intrusion Detection, Anti-virus, and Anti-spam filters are all independent of the networking infrastructure, and likely include best of breed solutions whenever there’s not a better trade secret/patent in-house. Postini uses portals and web services for sending messages to non-subscriber recipients. The portals guarantee messages are not susceptible to a man-in-the-middle attack.

The Message Security and Message Delivery services offer content filtering for Data Leakage Prevention. There are consoles and rule engines for policy definition, as well as canned Personally Identifiable Information (PII) controls for things like Social Security Numbers or credit card information. The GUI apparently delivers enough rule granularity to at least filter attachment types and perform in message word detection.

Postini’s technology does not address malicious insider activities and could be its biggest weakness. This becomes more of an issue when examining the Google addition of archival and search. Site administrators may configure Postini for secure communications between corporate partner mail servers, and even make this a policy based requirement for some message delivery. This secure communication eliminates privacy issues between the corporate email servers and the Postini data centers. It does not, however, account for a messages time on disk or in use. Trusted insiders at the sender’s or recipient’s locations may manipulate or view messages. From a third party point of view, administrators at the Postini sites could possibly have enough access to circumvent many of the same protections. On Postini’s provider end, at least within Google, record access rights are strictly controlled with procedure.

Google’s approach to pricing is the most attractive part of the Postini product.  It follows the principals of scale, expecting more consumers at a lower tipping point. For $3 annually per user, Postini provides inbound email filtering (Message Filtering) for viruses, trojans, spam, etc… At $12 annually, Postini does the same for outbound messaging and adds content and attachment conttrols as well as policy monitoring and centralized administration (Message Security). The $25 per year includes the archival and search features Google threw into the mix (Message Discovery).


Leave a Reply




You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>