Administrators confident about the safety of their data encrypted on company laptops should start squirming if a recent court decision passes muster in the United States.

The case involves a Colorado woman who has been ordered to open the encrypted drives on her laptop for federal investigators.

Unlike the cops on television shows and movies, who always seem to have a computer wizard on hand to decrypt a hard drive or crack a password, law enforcement authorities in Colorado, stymied by the encryption on a notebook in the possession of Romona Fricosu, simply went to a judge and asked him to order her to type in her password so they could see what was in the encrypted files.

In arguing against opening the files, Fricosu claimed doing so would violate her civil rights, in particular her Fifth Amendment rights against self-incrimination. Her reasoning was that the government, by forcing her to give up her password for decrypting the drive, were forcing her to incriminate herself if there were anything on the drive tying her to their criminal investigation of a mortgage scam. They believe Friscou is involved the scam that defrauded banks in the Colorado Springs area of some $900,000. Continue reading Government can force you to decrypt your data

Google recently hung a ‘going out of business’ sign on its Message Continuity service for users of Microsoft Exchange. Google will continue to provide the service to its users until their contracts run out, but after that, they’re on their own.

Since the service was launched a little over a year ago, “hundreds” of businesses have subscribed to the offering, which uses Google’s cloud to provide email continuity when a Microsoft Exchange environment is interrupted for any reason.

Hundreds of users, though, can’t compete with the “millions” of businesses that have moved their entire email operation to Google Apps, so Searchzilla has decided to scrap its continuity product for Exchange  and concentrate all its resources on its application suite. Continue reading Google deserts Exchange users by killing Message Continuity

Email compliance is always a hot issue. Yet even while there are laws and regulations governing how certain industries send, receive, store and secure email messages, 73.7% of people who responded to a survey admitted that they had violated email compliance policies at their workplace.

It is important to note as well that this number represents those who knowingly violate company email policies. The same survey showed that 42.7% of those asked claim that their company either doesn’t have email compliance policies, or they were unsure if such a policy was in place.

So what are some of the most common violations of these policies? Take a look:

Continue reading 5 Most Common Violations of Email Compliance

At one time or another, most email administrators are tasked with the responsibility of writing up policies that govern the use of email in an organization. These policies are necessary to:

• Protect against email based threats and vulnerabilities
• Reduce the organization’s liability if email is used inappropriately by employees
• Prevent misconduct when it comes to email use
• Educate employees on email etiquette
• Inform employees of email monitoring policies. Continue reading 5 Ways To Increase Email Policy Compliance

Back in October of 2009 the City of Los Angeles voted unanimously to outsource their email services to Google. While many other organizations have made similar moves, this move made Los Angeles the largest city in the United States to hand over its messaging services to Google, Inc.

For $7.2 million, all 30,000 city employees would be turning to the cloud for email.

This was a huge win for Google because not only did they beat out their rival, Microsoft, but a successful implementation would easily pave the way for future business with local governments. Continue reading For Los Angeles, Not Every Cloud Has A Silver Lining

There was a time when using PST files were thought to be the solution to file storage problems. Getting emails out of the user’s mailbox and onto a shared repository not only freed up email inboxes from increasing file sizes, but also gave admins a central location in which all emails could be backed up and archived.

Add to these benefits the fact that PST files could be separated so emails related to a project, client, subject, etc could be stored and archived separately, and many would think that this solution was all that an IT department would need to manage their archiving and storage needs.

Of course PST files aren’t a panacea; they have many problems associated with them. Continue reading Two Big Problems With PST Files

One of the most common applications to move to the cloud is email. Quite frankly, most small and medium sized businesses choose to let a cloud provider host their email because:

• Email services are always up and running
• Email can be accessed from anywhere
• It is scalable – you can increase or decrease as needed
• It is affordable (you only pay for what you use)
• It frees up resources (IT staff) for other projects. Continue reading Cloud Based Email, Best Practices for Before You Move

In Understanding Email Encryption Part 1 I covered not only why encrypting email is important, but also the two different types of email encryption: asymmetrical and symmetrical.

There was another section that briefly mentioned some of the barriers that impede buy-in from management when it comes to an encryption solution. But these were only touched upon.

Unfortunately when it comes to making a pitch for encryption, those who understand the need for it are an easy sell. Those who either don’t understand it or see the need for it often cite one or more of these stigmas that are attached to email encryption as reason to avoid it. Continue reading Understanding Email Encryption (Part 2)

When looking at solutions on securing email, many people don’t take into consideration the type of business environment they work in. All too often, after spending a great amount of time and money, small to medium-sized enterprises find out that what works for a company the size of Bank of America doesn’t quite work for them.

To better help SMBs find solutions scaled to their needs when it comes to email security, I have compiled a list of 5 tips that address the risks and restraints that they face. Continue reading 5 Essential Tips for SMB Email Security

Advanced persistent threats make email security a necessity

Most email administrators consider security to be a large part of what they do. With so many laws and regulations governing the storage, discovery and retrieval of email messages, security has become a second job to many.

Unfortunately, many administrators either forget, or simply aren’t aware, that securing email requires much more effort than hardening the email servers against attack. In order to fully protect your organization’s email and their contents the mailbox also needs to be defended. Especially when you consider how popular Advanced Persistent Threats are becoming with large cyber crime syndicates who use email not only as a way to harvest sensitive information, but also as a method of attack through phishing and social engineering. Continue reading Tips for Better Email Security