Yesterday, I talked about three best practices for Exchange security: Not exposing a Server containing mailboxes to the outside world, using a two-tier approach for virus protection and keeping Exchange up to date.
Today I am going to focus on two other equally important best practices.
As I mentioned in part one, a recent SearchExchange.com poll found that 52% of respondents spend between 25% to 50% of their work time on security-related issues. Another 23% said that they spend more than 50% of their day on security-related challenges.
While it is challenging to ensure your Exchange Server is protected from various security threats, there are some steps you can take to avoid them.
Best Practice #4: Do plan for disaster
You probably back up Exchange every night, but have you ever tested your backups?
When I worked for the Department of Defense, we didn't know that our Exchange database was slightly corrupt. The database was in good enough condition that Exchange was able to run for quite some time, but the corruption caused Exchange to crash. We didn't realize that we had been backing up corrupt data each night for the last two months. Since the data was corrupt, we were unable to mount the database after the restore operation was completed. Since our backups were invalid, we had to repair the existing database. We eventually got the database to mount, but lost a lot of data during the repair.
In all fairness, Exchange has improved a lot since then. Even so, there are still a lot of people running Exchange 5.5, which is the same version of Exchange that we had the problem with. Our problem could have been much less severe had we occasionally restored our backups onto a test server to validate them. At the first sign of trouble, we could have begun repairing the databases rather than waiting for the problem to become so bad that the system crashed.
Best Practice #5: Do take advantage of Intelligent Message Filter
One of the biggest risks to Exchange security is spam. Spam often carries viruses, Trojans, spyware or links to malicious content. The problem is that good Exchange level antispam software has traditionally been expensive. Recently, though, Microsoft has released the Intelligent Message Filter as a free add-on for users of Exchange Server 2003.
The Intelligent Message Filter is an enterprise level, antispam application based on Microsoft's experience with Hotmail and MSN. Microsoft has produced about half a million different criteria to determine whether or not a message is spam or legitimate e-mail.
If you work in a small company that currently has no spam protection, then downloading and installing the Intelligent Message Filter is a no-brainer. You can get it here. If, on the other hand, you already have antispam software and are happy with its performance, then you might want to evaluate the Intelligent Message Filter on a test server prior to deploying it in a production environment.
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as the CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, CNET, ZDNet, TechTarget, MSD2D, Relevant Technologies and other technology companies. You can visit his personal Web site at http://www.brienposey.com.
Do you have a useful Exchange tip to share? Submit it to our monthly tip contest and you could win a prize and a spot in our Hall of Fame.
