Dmitriy Shpilko - Fotolia
A number of recent data breaches making headlines have caused many businesses to take a closer look at their own security. And one of the most critical applications in a business -- Microsoft Exchange -- should be front and center in that evaluation.
Because of Exchange's criticality, it can be the first point of entry that leads to a data breach. For a business to experience a breach similar to those at Home Depot or Staples, all it takes is something as simple as a missed patch or a compromised password. Exchange admins must evaluate the security of their organization's setups by looking for any weaknesses.
In his Exchange series, information security consultant Kevin Beaver used these recent data breaches as examples of how Exchange admins can learn from others' mistakes. Beaver goes into detail about how to apply some well-known security concepts to a messaging setup and prevent similar breaches from happening in your organization.
Recognize the cause of a data breach
Exchange admins must perform a full security assessment to identify and fix any low-hanging fruit that can lead to breaches. Staying up-to-date on the latest security reports can help admins learn how hackers are attacking systems in recent data breaches. Knowing the common causes of breaches can help prevent them in your email environment.
Understand why phishing attacks are successful
It may surprise you to learn that many of the recent data breaches stemmed from email phishing attacks. There are three common slip-ups involving warning signs, prevention and end user awareness that can lead to phishing attacks. Exchange admins should take the time to learn why these attacks are so successful to develop a prevention strategy.
Implement layered security in Exchange
Even if you think your Exchange setup is adequately protected, you should create a layered security approach. There are a number of Exchange and network-related controls available to protect Exchange. Learning how to layer these technologies can help admins strengthen Exchange's resiliency and protect it from attacks.