As consumers of messaging services, particularly e-mail, we havebecome addicted to attachments. This habit has become an easyavenue for mounting cyber-attacks against an organization.

In the 2010 Verizon Data Breach Investigations Report, conductedin cooperation with the United States Secret Service, 38% ofbreaches utilized some form of malware and 28% employed socialtactics.

It is quite typical for e-mail to be used as the deliveryvehicle for malware, and social engineering is used to facilitatethe design of the e-mail to induce the recipient to open it and theattachment.

This attack works because we have conditioned ourselves and ourcustomers, clients, vendors and other third parties to trust e-mailas a medium of exchange. It would seem that this trust is not wellfounded and that the paradigm should be re-examined.

From the perspective of a historical parallel, Cholera epidemicsin New York City in 1832, 1848-49 and 1854 killed thousands ofpeople. It led to the founding of the Board of Health in 1866 andthe adoption of improved standards for sanitations that eventuallyeradicated the disease.

Treating the individuals during each of the outbreaks had beenineffective and in some cases counterproductive as more people wereexposed to the disease. Improving sanitation and overall socialhygiene effectively eliminated the root cause of the disease.

The current state of polymorphic malware makes treating theaffected systems similarly difficult. The number of malwarevariants, combined with polymorphic characteristics, makesdetection and removal extremely challenging if not impossible.Therefore, the most effective approach may be to eliminate the rootcause; in this case, e-mail attachments.

Many organizations have already implemented some form ofDocument Management System (DMS) or in the broader sense EnterpriseContent Management (ECM). A DMS provides a centralized repositorythat supports several common functions; Check In/Out, VersionManagement, Search & Navigation and Document Organization.Products such as Documentum, eDocs, NetDocuments and Sharepoint arerepresentative of this class.

Implementing a DMS is a relatively trivial exercise in terms oftechnology. The products are proven and the underlyinginfrastructure is common in today's IT environment. It should alsobe noted that security controls around the DMS are critical, buteasier to achieve than the traditional model where this sameinformation is scattered throughout the organization. However,changing the habits of the workforce will be the most challengingaspect of the project.

There are other advantages in creating a DMS-centric operationfor your organization:

1. The DMS provides a central, single version of documents andwill help prevent “version-it is” in the creation-review-editprocess;
2. Distribution of sensitive, private or otherwise controlledinformation can be restricted more easily;
3. Backup and recovery is simplified by eliminating the end pointsfrom the problem;
4. A centralized DMS repository may facilitate the notificationprocess in response to a data breach;
5. The organization of the DMS facilitates compliance witheDiscovery requirements, (e.g., litigation hold), in a litigationscenario; and
6. Creation of a portal for access by known/trusted third partiessupports the secure transmission of sensitive information withoutexposing it to the internet.

Eliminating e-mail attachments may seem to be a formidable task.However it may be the most realistic means of reducing the threatof malware to the enterprise. So what is stopping you from “kickingthe habit”?

JohnRostern is managing director, Northeast, for CoalfireSystems.