MS Exchange Security Assessments

An organization's mail server is a critical business application and is often overlooked when designing security programs. But how long can a business function without Email? How much critical or embarrassing organization data is being stored and passed by employees via Email? In 2014, the Sony Corporation lost use of their Email server access for over a week and had some executive level data exposed during an attack and lead to an embarrassing situation.

Microsoft Exchange is by far the most dominant corporate mail server and is often excluded from security testing due to its criticality. Network administrators sometimes exempt Exchange servers from routine patching services due to fear of crashing the core server.

Exchange is often exposed to the Web as an open Internet service and is vulnerable to scanning and exploitation, yet Exchange' s host server security is often ignored with weak passwords and no end point protection. Our security consultants can assess and advise you on your Email server security to bring it into align with your organization's security profile. SD will look at items such as spam and malware management, server configuration and maintenance, DLP settings, AD synchronization, encryption and secure message delivery.

case studies

 
big problem:
Ransomware attack halted a global manufacturer's operations.
big thinking:
Recover and secure the system – fast – save $1 million in ransom.
 
big problem:
High tax burden for family-owned franchisor.
big thinking:
Comprehensive planning for a 15% tax reduction.

our thoughts on

Top Risks to Keep On Your Radar for 2020

We live in a disruptive world where the risks companies face are constantly evolving. Risks not on your radar today could easily be brought to light within

read more >

Questions to Ask Before Ransomware Hits Your Business

In the past, a ransomware attack would target a single computer and ask the victim for $500. But now, what we see during our own cyber-incident response

read more >

The Physical Side of Cybersecurity

At Schneider Downs, we always strive to uphold our responsibility to serve as trusted cybersecurity advisors to our clients and to the community at large.

read more >

Vulnerability Scanning versus Penetration Testing

When organizations look to assess the resiliency of their information systems, there tends to be some confusion around what exactly vulnerability scanning

read more >

SOC 2 Examinations - Keys to Success

“What do you need for a SOC 2 Audit?” Prior to starting a SOC 2 examination, clients often ask us what they can do to ensure an efficient audit

read more >

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us

contact us

Map of Pittsburgh Office
Pittsburgh

One PPG Place, Suite 1700
Pittsburgh, PA 15222

contactsd@schneiderdowns.com
p:412.261.3644     f:412.261.4876

Map of Columbus Office
Columbus

65 East State Street, Suite 2000
Columbus, OH 43215

contactsd@schneiderdowns.com
p:614.621.4060     f:614.621.4062

Map of Washington Office
Washington, D.C.

1660 International Drive, Suite 600
McLean, VA 22102