With employees spending increasing amounts of time processing email each day - some estimates putting this at as much as one to two hours - and the vast majority of it being unsolicited junk, any program that helps with the sorting process, and does so in a secured way, is a bonus. RitLabs’ SecureBat! is just such a program, offering a number of features that speed up the processing of email.

For security, SecureBat! uses two factor authentication - hardware token and password - in the form of a Rainbow Technologies iKey which needs to be configured before SecureBat! is installed. iKeys make use of the USB port on the PC so a card reader is not required, although USB-based smartcard readers are starting to appear in their own right. In addition to this, RitLabs claims that SecureBat! will run on Microsoft Windows 95. USB support on Windows 95 started with OSR2.1 which manifested itself on OEM machines. Installation on such a machine was straightforward and there were no problems installing and running the iKey drivers or the management software. USB ports for those machines that do not have them are fairly low-cost and easy to install but although SecureBat! runs well on Windows 95 OSR2.1, you may find that you have to upgrade to Windows 98 for full USB support for other peripherals.

iKey configuration is performed with the Token Manager which enables the security officer to take a token, give it a friendly name such as ‘Paul’s token,’ change the user’s PIN and so on. It also allows the security officer to create IDs and add them to the token. SecureBat! is installed on the PC using one of the IDs on the token and once this has happened, SecureBat! cannot be used without a token carrying that particular ID plugged into the PC. This is not just for initial authentication purposes, as removal of the iKey during a session will cause the SecureBat! window to minimize and a warning message to be displayed offering the user the option of reinserting their key or ending the session, losing any changes.

If the user loses their token, the security officer can generate another one which will work although it must be pointed out that a token can carry several dozen IDs all protected by only one PIN, thus putting the security officer in a position of absolute power. Also, SecureBat! will accept different keys with the same ID as long as the correct PIN is used for each key although, if the iKey is removed during a session, the same iKey must be used to reinstate that session, regardless of the fact that another iKey has the correct ID on it. One disadvantage is that if the user suspects that somebody else is using their mail program, it is not possible for SecureBat! to disable a particular iKey and PIN. Further, although sessions may be logged in detail, the serial number of the iKey is not recorded.

Installation is fairly quick and straightforward and once SecureBat! is installed, the user needs to set up the account, using their user name, domain name, SMTP and POP3 server names and of course their mail server’s password, choosing by what means this should be sent over the network for authentication.

In addition to this, information from their existing email program may be imported. Address book information may be imported in a variety of forms: LDIF files; business cards (vCard); INI files; and plain text in the form of comma separated, tab delimited or just a plain address list, among others. You may need to export your existing address book into one of these formats but SecureBat!’s import process is particularly effective. Once the address book is imported, this may provide an appropriate opportunity to thin it down to the more essential addresses that the user needs.

Further to the address book, existing mail may be imported directly from the user’s previous program, thus allowing continuity in current message threads. MSG, EML and UNIX mailboxes may be imported and failing that, there is a wizard that also allows the import of mail from a variety of programs including Eudora, Pegasus, various Netscape programs and Microsoft Outlook and Outlook Express going back as far as version 4. However, the names and the original tree structure of the mail folders are not preserved and you are left with a great number of folders with the name FolderXX, all on the account’s root, requiring some sorting. Once you have found out what is in the folders, folder names may be edited with a few keystrokes and a new tree structure is fairly easy to build. Again, this presents an opportunity to remove some of the older and potentially less useful mails you may have saved. All email that is stored on the disk is encrypted - at no time being stored as plain text.

SecureBat! supports PGP and S/MIME, the user being able to generate their own RSA-based PGP key-pairs or import others from mail, text, or cutting and pasting from the clipboard using the key manager, although the PGP implementation on SecureBat! does not recognize or generate the more secure Diffie-Hellman keys. The user can opt to encrypt, sign, or encrypt and sign, messages as they are sent.

Inbound mail may also be scanned for viruses as SecureBat! is integrated with Kaspersky Anti-Virus and will accept external anti-virus plug-ins as .bav files, although this is not supported by all anti-virus vendors.

Apart from the security side of SecureBat!, there are a number of other features that help with the processing of mail. Firstly, mail may be sorted on the server, deleting it, inspecting headers and so on, without downloading the body of the mail. Once downloaded, filters are used to inspect mail for certain strings with a number of outcomes available as a result of matching each particular set of criteria. For example, the sender field of mails may be scanned for a certain string and any matching mail may be automatically moved to a particular folder, flagged, have an automatic response sent, forwarded and so on, although the user must be cautioned about programming SecureBat! to send automatic replies, forwards or redirects so as to avoid causing mail jams. In this way, much of the junk mail can be filtered out and other mail sent to folders where it may be read at an appropriate time.

SecureBat! is feature-heavy and has a number of shortcut key combinations, one for almost every function. It performs as claimed with good sorting facilities, and the protection that the iKey gives it should make it appeal to people who work from home or on the road, where physical perimeter security is not as good as on-site.
  

SC On-Line
SC Magazine
www.scmagazine.com