MS Exchange Security Assessments

An organization's mail server is a critical business application and is often overlooked when designing security programs. But how long can a business function without Email? How much critical or embarrassing organization data is being stored and passed by employees via Email? In 2014, the Sony Corporation lost use of their Email server access for over a week and had some executive level data exposed during an attack and lead to an embarrassing situation.

Microsoft Exchange is by far the most dominant corporate mail server and is often excluded from security testing due to its criticality. Network administrators sometimes exempt Exchange servers from routine patching services due to fear of crashing the core server.

Exchange is often exposed to the Web as an open Internet service and is vulnerable to scanning and exploitation, yet Exchange' s host server security is often ignored with weak passwords and no end point protection. Our security consultants can assess and advise you on your Email server security to bring it into align with your organization's security profile. SD will look at items such as spam and malware management, server configuration and maintenance, DLP settings, AD synchronization, encryption and secure message delivery.

case studies

 
big problem:
Ransomware attack halted a global manufacturer's operations.
big thinking:
Recover and secure the system – fast – save $1 million in ransom.
 
big problem:
A not-for-profit client out of 401(k) compliance.
big thinking:
Allowing more contributions by highly paid employees.

our thoughts on

National Flood Insurance Program Extension

As I watched the pounding rain from my window for the third straight day, I could only imagine the damage this unpredictable spring weather was inflicting

read more >

Cybersecurity and nonprofits: Time to button up!

If you were to look up the biggest data breaches over the last 10 years, you would find a gathering of some of the largest companies in the world, many

read more >

Continued Compliance with CAISO SQMD Requirements in Non-Reporting Years

Is your utility company ensuring continued compliance with the CAISO SQMD requirements during non-reporting years? With the California Independent System

read more >

Cybersecurity & Employee Benefit Plans

The threat of a cyberattack is prevalent throughout the business world. Given the highly sensitive data held within employee benefit plans, it should come

read more >

Bill S. 1564 Calls for Delay of CECL Implementation Until a Quantitative Economic Impact Study is Completed

The Financial Accounting Standards Board (FASB) issued a new expected credit loss accounting standard in June 2016. This new standard introduces the current

read more >

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us

contact us

Map of Pittsburgh Office
Pittsburgh

One PPG Place, Suite 1700
Pittsburgh, PA 15222

contactsd@schneiderdowns.com
p:412.261.3644     f:412.261.4876

Map of Columbus Office
Columbus

65 East State Street, Suite 2000
Columbus, OH 43215

contactsd@schneiderdowns.com
p:614.621.4060     f:614.621.4062