You’d have to have spent the last two years of your professional career living under a rock to have not come across “the cloud”. The cloud – this; the cloud – that; the cloud, the cloud, the cloud… Cloud computing promises to be the next sea change in information technology, as more and more Somethings as a Service (*aaS) hit the market, with every player from Microsoft and Google all the way down to JoeBob’s Hosting trying to get in on the action.

Email services look to be the most common, some of the easiest to move to the cloud, and certainly of the most interest to readers of this blog. My colleagues Jeff Orloff and Paul Mah have both written some great articles around this topic already. Today, I want to talk about cloud based email services from a different point of view; that of the email admin who thinks the cloud will make his or her job go away.

Continue reading Inside Every Cloud Is a Silver Lining

In Understanding Email Encryption Part 1 I covered not only why encrypting email is important, but also the two different types of email encryption: asymmetrical and symmetrical.

There was another section that briefly mentioned some of the barriers that impede buy-in from management when it comes to an encryption solution. But these were only touched upon.

Unfortunately when it comes to making a pitch for encryption, those who understand the need for it are an easy sell. Those who either don’t understand it or see the need for it often cite one or more of these stigmas that are attached to email encryption as reason to avoid it. Continue reading Understanding Email Encryption (Part 2)

It doesn’t matter if your company uses email to communicate corporate secrets, confidential financial information, or just an invite to the annual picnic; people who weren’t intended to see the message shouldn’t be able to. Continue reading Understanding Email Encryption (Part 1)

So you have been tasked with securing your organization’s email services.

There are quite a few guides available on the Internet and in different computer bookstores that can take you through the basics – and if you are ahead of the game you may have already done your homework. Continue reading Secure Your Desktop – Protect Your Email

When you don’t understand something that your job requires you to know, the most logical thing to do is research the topic and learn as much as you can about it. For many people who find security as part of their job description, learning as you go is the only option available. Yet despite the fact that there is so much information readily available to us, misconceptions regarding email security still confuse many professionals tasked with maintaining the confidentiality, integrity and availability of email services. Continue reading Misconceptions About Email Security

When looking at solutions on securing email, many people don’t take into consideration the type of business environment they work in. All too often, after spending a great amount of time and money, small to medium-sized enterprises find out that what works for a company the size of Bank of America doesn’t quite work for them.

To better help SMBs find solutions scaled to their needs when it comes to email security, I have compiled a list of 5 tips that address the risks and restraints that they face. Continue reading 5 Essential Tips for SMB Email Security

Advanced persistent threats make email security a necessity

Most email administrators consider security to be a large part of what they do. With so many laws and regulations governing the storage, discovery and retrieval of email messages, security has become a second job to many.

Unfortunately, many administrators either forget, or simply aren’t aware, that securing email requires much more effort than hardening the email servers against attack. In order to fully protect your organization’s email and their contents the mailbox also needs to be defended. Especially when you consider how popular Advanced Persistent Threats are becoming with large cyber crime syndicates who use email not only as a way to harvest sensitive information, but also as a method of attack through phishing and social engineering. Continue reading Tips for Better Email Security

The recent spike in security breaches resulting from meticulously planned and executed spear phishing attacks may have forced email administrators to start thinking of topics that they may never have considered previously, such as the repercussion of a hacked Exchange Server account, or the reasons why hackers would be interested in attacking your email server.  Indeed, you may have already read Securing Your Microsoft Exchange 2010 Server, and have duly implemented the various hardening measures that I’ve linked to in that article. Continue reading Simple Penetration Testing Strategies for Your Exchange Server

Getting your co-workers to adhere to policies that govern the use of email in the workplace can be tough. Despite your best efforts, email is still used to send jokes, chain letters, pictures, slide shows and other inappropriate content.

For whatever reason, people don’t quite get that not only are email policies in place to protect them and the company brand, but there are consequences for violating these policies. Unfortunately, the only time when people begin to comprehend just how serious email policies are is when it is too late.

Continue reading Email Scandals That Should Make Us Think Twice

In just one week Google, the International Monetary Fund and Citigroup have all made headlines as a result of email associated with them being under attack. The reason we continue to see companies make the news as a result of email attacks is that email security is sometimes ignored when it comes to training users properly and making good decisions. In some cases, having the latest and greatest when it comes to security tools even creates a false sense of security that causes us, and our users, to overlook the little things. A multi-layered defense that has been properly configured with all the best technology can be rendered useless if the little things are forgotten.

Continue reading 5 Simple Mistakes When it Comes to Email Security