News and Updates

Recent news stories about government programs to collect phone call and email data from many popular email providers and telecomm companies, along with allegations of foreign state-sponsored hacking and other cyber-crimes, highlight the broader issue of data security for businesses.  Other implications aside, a basic fact emerges: unless you control the access to your data, you will never know for sure who else has seen it.

Secure, private data networks and encryption will probably continue to be the first layers of security addressing vulnerabilities during transmission.  The current popularity of hosted cloud solutions, however, should give pause to a business with sensitive data or intellectual property concerns.  Sensitive data could include files regarding a proposed acquisition, upcoming legal actions, investments, protected health information, product designs, or other information that is critical to the company’s economic or competitive advantage in the marketplace.

Critical data should be stored as securely as possible, and in most cases that means a business should consider providing their own data storage and hosting email systems with their own Microsoft Exchange server.

On-premise versions of Microsoft Exchange Server can be configured with advanced Data Loss Prevention (DLP) features that include the ability to apply ‘sensitive information rules’ to the existing ‘transport’ rule set.  Email subject, body, and attachments are scanned for any content that matches the type deemed sensitive by the company.  Internal emails can be filtered in addition to externally-bound email messages.

Even with the advent of state-sponsored cyber-crimes, the most damaging and most difficult security risk against which a company needs to protect itself remains internal malfeasance.  This is the type of security breach in the recent NSA case.  Limiting the number and type of accounts with administrator-level permissions is one approach mitigating risk.  Another, as the article below mentions, is the timely installation of security and software patches. USA TODAY: How low-level insider could steal from NSA

Sound IT Services is one of the country’s leading experts on Microsoft Exchange and Active Directory.  Please contact us to discuss any secure data requirements.