Over the years, Microsoft has taken its lumps when it comes to security however as a company, they have taken some pretty impressive strides to make sure that their products are more secure.
However, their security efforts have not been limited to just their products. They have launched several educational campaigns aimed at helping users better secure their computers and networks.
These efforts can be seen by Microsoft’s latest report, Microsoft Security Intelligence Report, and its corresponding website.
This project was set up to provide businesses and consumers with hard data concerning security risks and best practices from Microsoft themselves on how to mitigate the various risks.
Being the producer of the most popular email client software packages – Outlook, Hotmail, Outlook Express and Windows Live Mail – they have a definite interest when it comes to helping users guard against email threats.
Spam, according to Microsoft:
So we can safely say that as an organization, there is little that they haven’t seen when it comes to protecting email systems.
To best fight the many different threats facing email, all inbound email to Microsoft much pass a three-tiered process to include anti-malware scanning, file removal and spam filtering.
The importance of this approach is simple. Stop threats before they reach the user.
Incorporating an anti-malware scan into messaging systems helps protect the integrity of your systems because threats can be stopped before a user has the opportunity to allow infected files to compromise a computer or network.
Likewise, a file removal process prevents malicious executables sent via email attachment from ever having the chance to launch. Followed with adequate spam filtering, this process reduces the need for organizations to rely solely on a desktop based security solution or a network firewall. Both of which do not provide comprehensive protection on their own.
These strategies seem like common sense steps that we would hardly need to rely on Microsoft to provide. However many organizations neglect to incorporate these simple strategies into their planning.
Turning to experts for advice when it comes to security does not mean we are unable to do things on our own, it means we are wise enough to use what works and smart enough to know where to look.
However, their security efforts have not been limited to just their products. They have launched several educational campaigns aimed at helping users better secure their computers and networks.
These efforts can be seen by Microsoft’s latest report, Microsoft Security Intelligence Report, and its corresponding website.
This project was set up to provide businesses and consumers with hard data concerning security risks and best practices from Microsoft themselves on how to mitigate the various risks.
Being the producer of the most popular email client software packages – Outlook, Hotmail, Outlook Express and Windows Live Mail – they have a definite interest when it comes to helping users guard against email threats.
Spam, according to Microsoft:
- Wastes resources
- Distracts recipients
- Puts assets at risk for greater security problems
- Provides an avenue for social and criminal hacking attempts
- Provides an avenue for phishing scams against users
A Look Inside Microsoft
According to their website, Microsoft filters between five to ten million email messages every day that contain malware and/or spam. On a daily basis, they see threats that include spyware, worms, attacks from botnets and polymorphic viruses attacking their email messaging systems. Each day more than 100 different types of executable files are removed from incoming messages sent to Microsoft employees.So we can safely say that as an organization, there is little that they haven’t seen when it comes to protecting email systems.
To best fight the many different threats facing email, all inbound email to Microsoft much pass a three-tiered process to include anti-malware scanning, file removal and spam filtering.
The importance of this approach is simple. Stop threats before they reach the user.
Incorporating an anti-malware scan into messaging systems helps protect the integrity of your systems because threats can be stopped before a user has the opportunity to allow infected files to compromise a computer or network.
Likewise, a file removal process prevents malicious executables sent via email attachment from ever having the chance to launch. Followed with adequate spam filtering, this process reduces the need for organizations to rely solely on a desktop based security solution or a network firewall. Both of which do not provide comprehensive protection on their own.
These strategies seem like common sense steps that we would hardly need to rely on Microsoft to provide. However many organizations neglect to incorporate these simple strategies into their planning.
Other Ideas from Redmond
Keeping systems protected cannot be done by simply scanning incoming messages for threats. Other steps need to be taken. The best practices that Microsoft recommends to organizations are as follows:- Provide email submission services on port 587.
- Require SMTP authentication for email submissions.
- Abstain from interfering with connectivity to port 587.
- Configure email client software to use port 587 and authentication for email submission.
- Block access to port 25 from all hosts on your network other than those you explicitly authorize to perform SMTP relay functions.
- Monitor outbound email traffic patterns and look for deviations from normal behavior, such as abnormally large bursts of email traffic.
- Disable computers or individual email accounts that have been compromised and are being used to send out spam.
- When possible, process abuse complaints from third parties for email that originated from your mail servers. These complaints often point the way to a compromised computer.
Turning to experts for advice when it comes to security does not mean we are unable to do things on our own, it means we are wise enough to use what works and smart enough to know where to look.
0 comments:
Post a Comment