Building an impenetrable defense
There are many components to look for when building a messaging infrastructure that will not only efficiently manage data, but more importantly will keep the system secure. Considerations such as user authentication, session and content encryption, and virus and spam protection are important to factor into your decision. Also, the type of system you choose can determine the success or failure of your security efforts.
There are two main methods of message deployment: software running on a general-purpose server or a purpose-built messaging solution. Internet messaging appliances are emerging as the hacker-proof answer to the increasingly complex problem of securing Internet messaging. Because these purpose-built solutions are optimised for messaging, unnecessary ports are not left open as in the case of general-purpose servers running messaging software. As a result, there are no gaping holes where hackers can gain access to the system.
Another main advantage of an Internet messaging appliances is that they are designed as closed systems. They support only messaging protocols such as Simple Mail Transport Protocol (SMTP), the messaging language used for server-to-server connections and Post Office Protocol (POP) or Internet Messaging Access Protocol (IMAP), the messaging languages for server-to-client connections.
An administrator has another defense through an appliance's integrated content filtering mechanism. By using content filtering, companies can enforce mail by setting corporate policies to monitor and filter both inbound and outbound messages. Content filtering detects key words in the message body or header and allows administrators to have messages be re-routed to another mailbox, sent back to the sender or deleted.
User Authentication
User Authentication is an important feature to consider when selecting the right messaging security solution. An Internet-based email system should support well-known proprietary and emerging standards-based authentication methods to ensure that each user logging on is legitimate. Ideally, the email system you choose should work with the authentication method that already exists on your network. This saves you the hassle and expense of installing another authentication mechanism over an existing one.
Also, consider future authentication standards when selecting a messaging system that will provide the security your organisation needs. Lightweight Directory Access Protocol (LDAP) is a directory service specification with security and authentication features considered to be the emerging standard. Deploying a messaging infrastructure that will support eventual migration to LDAP will pay off by saving you time, money and effort in the future.
Access control list (ACL) support is another important user authentication security feature that should be included in a secure messaging system. ACL allows administrators and users to create shared folders, a helpful tool for business collaborations. Users can give permission for others to read, write, edit or delete items in the folder. They can also easily post information to the folder or deny access to ensure privacy. Make sure your system supports IMAP4, the protocol that provides the capability for ACL in addition to many other features such as server-based message storage and message header viewing.
