InteRosa takes a stab at secure e-mail

Summary:Startup seeks to protect companies against their own words.

A startup aims to help businesses protect e-mail, easing the fear and legal liability that comes after hitting the "Send" button.

QVTech Inc. told ZDNN that next Monday it will announce InteRosa, a technology that controls various aspects of e-mail. For example, a user could prevent his e-mail from being forwarded beyond the original recipient, and even lock the text of the message to deter copying.

Break the rules, "and it turns into bit sludge," said Bruce Fryer, QVTech's vice president of marketing.

E-mail fears
QVTech, a Colorado Springs, Colo. startup formed from a collection of ex-Sun, Microsoft and Cray Computer engineers, aims to take the fear out of e-mail security.

Driving the technology, which the company said was under consideration at USA.NET, a large e-mail outsourcer, are several factors, including corporate fears of e-mail being used against them in court.

"Ask Microsoft -- old e-mails can come back to haunt you," said Geoff Mulligan, QVTech's artificer (chief technical officer). The company claims its new product -- a server system dubbed InteRosa -- will allow companies to control e-mail sent by its employees across the Internet. Added Mulligan, "(InteRosa) continues to protect e-mail for the life of the e-mail."

The concern that InteRosa addresses is a relatively new one, but has a powerful poster child: Microsoft Corp. (Nasdaq:MSFT) During the on-going antitrust investigation by the Department of Justice, the software giant found words written by its own execs in e-mail used against its position.

"Companies are scared," said security and encryption expert Bruce Schneier, president of Counterpane Systems Inc., who pointed out that the mixed breeding of e-mail has employees shooting themselves in their collective feet. "E-mail has the psychological equivalent of a voice conversation but the unfortunate legal equivalence of a written conversation."

In other words, many employees are not thinking before they hit the "send" button.

On a less sensational level, several analysts said that eventually, the Internet economy will generate demand for more security.

"In our transformation to an e-business world, organizations will absolutely need to have better security as they're transferring things on the Internet," said Alan Weintraub, an analyst at Gartner Group Inc.

Is InteRosa the solution?
Weintraub thinks that by using policies, or rules that determine what employees can and cannot do, the product "extends mail one extra level from where it's ever been extended before." Whether the market is ready for that extension represents another question.

"This is a very, very immature market," he said. "Many startups are emerging and there are no dominant players in it."

Lucas Graves, an analyst at Internet researcher Jupiter Communications Inc., finds the product intriguing.

"It has interesting possibilities," Graves said. "The questions are: How much are the technology requirements a barrier to adoption, and how secure is it truly?"

QVTech is intent on making the technology easy to use, said Fryer.

"(InteRosa) is transparent. Nothing has to be pre-arranged (with the receiver, and there's) no proprietary software," he said.

Analyst said that helps give InteRosa different tack than some other players in the secure e-mail market, such as Hushmail, 1on1 and the Freedom Network.

Still, security ultimately will separate the technologies, and that is the toughest hurdle for them, said Counterpane's Schneier.

Schneier, who authored Applied Cryptography as well as a candidate for the next government encryption standard, asserts that e-mail, once it has left a company's server, can't be secured from outside attack. "Once it has left the server, it is vulnerable," he said. "Anything you can invent, (an attacker) can get around."

At the very least, a user could take a photograph of the screen.

But that might not ring the death knell for these products, said Schneier. Many companies are just looking for a way to enforce their e-mail policies. If the employees of both the sending company and the receiving company are honest, then secure e-mail could very well work.

A startup aims to help businesses protect e-mail, easing the fear and legal liability that comes after hitting the "Send" button.

QVTech Inc. told ZDNN that next Monday it will announce InteRosa, a technology that controls various aspects of e-mail. For example, a user could prevent his e-mail from being forwarded beyond the original recipient, and even lock the text of the message to deter copying.

Break the rules, "and it turns into bit sludge," said Bruce Fryer, QVTech's vice president of marketing.

E-mail fears
QVTech, a Colorado Springs, Colo. startup formed from a collection of ex-Sun, Microsoft and Cray Computer engineers, aims to take the fear out of e-mail security.

Driving the technology, which the company said was under consideration at USA.NET, a large e-mail outsourcer, are several factors, including corporate fears of e-mail being used against them in court.

"Ask Microsoft -- old e-mails can come back to haunt you," said Geoff Mulligan, QVTech's artificer (chief technical officer). The company claims its new product -- a server system dubbed InteRosa -- will allow companies to control e-mail sent by its employees across the Internet. Added Mulligan, "(InteRosa) continues to protect e-mail for the life of the e-mail."

The concern that InteRosa addresses is a relatively new one, but has a powerful poster child: Microsoft Corp. (Nasdaq:MSFT) During the on-going antitrust investigation by the Department of Justice, the software giant found words written by its own execs in e-mail used against its position.

"Companies are scared," said security and encryption expert Bruce Schneier, president of Counterpane Systems Inc., who pointed out that the mixed breeding of e-mail has employees shooting themselves in their collective feet. "E-mail has the psychological equivalent of a voice conversation but the unfortunate legal equivalence of a written conversation."

In other words, many employees are not thinking before they hit the "send" button.

On a less sensational level, several analysts said that eventually, the Internet economy will generate demand for more security.

"In our transformation to an e-business world, organizations will absolutely need to have better security as they're transferring things on the Internet," said Alan Weintraub, an analyst at Gartner Group Inc.

Is InteRosa the solution?
Weintraub thinks that by using policies, or rules that determine what employees can and cannot do, the product "extends mail one extra level from where it's ever been extended before." Whether the market is ready for that extension represents another question.

"This is a very, very immature market," he said. "Many startups are emerging and there are no dominant players in it."

Lucas Graves, an analyst at Internet researcher Jupiter Communications Inc., finds the product intriguing.

"It has interesting possibilities," Graves said. "The questions are: How much are the technology requirements a barrier to adoption, and how secure is it truly?"

QVTech is intent on making the technology easy to use, said Fryer.

"(InteRosa) is transparent. Nothing has to be pre-arranged (with the receiver, and there's) no proprietary software," he said.

Analyst said that helps give InteRosa different tack than some other players in the secure e-mail market, such as Hushmail, 1on1 and the Freedom Network.

Still, security ultimately will separate the technologies, and that is the toughest hurdle for them, said Counterpane's Schneier.

Schneier, who authored Applied Cryptography as well as a candidate for the next government encryption standard, asserts that e-mail, once it has left a company's server, can't be secured from outside attack. "Once it has left the server, it is vulnerable," he said. "Anything you can invent, (an attacker) can get around."

At the very least, a user could take a photograph of the screen.

But that might not ring the death knell for these products, said Schneier. Many companies are just looking for a way to enforce their e-mail policies. If the employees of both the sending company and the receiving company are honest, then secure e-mail could very well work.

Topics: Microsoft, Servers, Start-Ups

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.