Don’t just block it, strip it and send it!
Whilst at InfoSec we spoke to the folks at Cisco about their IronPort e-mail gateway (an acquisition in early 2007), our question was “how can we put in place a more intelligent way of quarantining e-mail embedded with images”?
You see, I work within a large financial services organisation and instead of risking reputational damage by letting through a potentially offensive photo, we quarantine it and ask that the recipient requests its release based upon the business need.
The downside here is that you get a lot of service desk requests!
Most e-mail vendors will have image scanners, these will look for flesh tones and predefined thresholds, this of course does not get round senders with embedded logos within documents or signatures etc. The recommendation? Simply strip the image from the e-mail and send it, most of the time people just want the message without logos etc. Of course the other consideration here is that the original mail is kept intact in case the image is required!
We expect a drop of 30%+ in e-mail release requests!
Would be nice if they had built in repository for “allowed” images. Compare two images, if in repository, allow it, if not, block it. Should not be too difficult, should it?