SlideShare a Scribd company logo

Security With Hosted Exchange

I
Intermedia2013

This document summarizes the key points from a webinar about email security with hosted Exchange. It outlines 14 elements of Exchange security that are important to know about. These include multi-tenant platform security, physical security of datacenters, employee security practices, redundant internet providers, authentication and access controls, dedicated security staff and monitoring, privacy policies, third-party audit reports, PCI compliance, anti-spam capabilities, anti-virus protection, security for mobile devices, data replication for continuity, and encryption options. The webinar provided details on how Intermedia addresses each of these security elements.

TechnologyBusiness
1 of 28
Security With Hosted Exchange: What You Need to Know Now Panelists Ryan Barrett, Vice President, Security and Privacy Marc Blakeney, Director, Product Marketing, Office in the Cloud & Exchange
Mark Blakeney Director, Product Marketing, Office in the Cloud & Exchange Ryan Barrett Vice President, Security & Privacy Questions We love questions. If you have one during the webinar, please expand the GoToWebinar chat window and ask away. Following the webinar we will address as many questions as we can. Welcome—Thank You for Joining Us
Office in the Cloud: Our Suite of Services Office IN THE Cloud™ Email File Management Collaboration Backup & Security Cloud Server Mobility Voice Services Reliability You can trust the cloud to securely underpin your business. Empowerment You can manage and use your cloud any way you want. Support You can rely on us 24/7 to assure ease of doing business. INTERMEDIA’S DIFFERENCE: THE WORRY-FREE EXPERIENCE HostPilot® Control Panel 3
Agenda 1. The Importance of Exchange Security 2. 14 Elements of Exchange Security (That You Need to Know Now) 3. Questions and Q&A 4
The Importance of Exchange Security 5Confidential
6 Why Does Exchange Security Matter? A breach in email security could… … infect your own systems … corrupt your business-critical systems and data … require extensive time and resources to recover … cause lost revenue and missed business opportunities … infect your customers/partners systems … infect your competitors’ systems … open you up to legal liability
7 Why is the Cloud Actually More Secure? Hosted Exchange security far exceeds the reasonable capacity of the average business’s in-house IT team. - Physical security - Datacenter facilities - Hardware and software - Third-party auditing - And much, much more
8 Poll Question Confidential What are your top email security concerns? (select all that apply)  Data loss or theft  Data corruption or recovery  Virus infections  Regulatory compliance  None of the above
14 Elements of Exchange Security (That You Need to Know Now) 9
1. Multi-Tenant Platform Security 10 THE RISK Datacenters are hosting multiple clients simultaneously. THE SECURITY IMPERATIVE The provider must protect against unauthorized access between accounts. Ask a provider about: - Firewalls - VPNs - Traffic management tools - Intrusion Protection Systems Intermedia’s approach:  Redundant, enterprise-class firewalls  Multiple Intrusion Prevention Systems (IPS) employed (host and network)
2. Physical Security 11 THE RISK Your data is vulnerable where it exists in the real world. THE SECURITY IMPERATIVE The providers’ datacenters must be physically protected. Ask a provider about: - Cameras - Perimeter security - Employee access controls Intermedia’s approach:  Closed-circuit TV  Secure access policies  Security guards
3. Employee Security 12 THE RISK Exchange provider employees require access to your data. THE SECURITY IMPERATIVE The provider must vouch for the trustworthiness and competency of their employees. Ask a provider about: - Background checks - Employee experience - Do they have dedicated personnel? - Training and certifications - Outsourcing Intermedia’s approach:  Background checks  Two-factor authentication and role-based access control  Restricted server access
4. Redundant Internet Service Providers 13 THE RISK The datacenter must be connected to the Internet in order to provide service. THE SECURITY IMPERATIVE Protection against provider downtime and Distributed Denial of Service attacks? Ask a provider about: - Who are their Internet Service Providers? - DDoS protection - Mitigation technologies Intermedia’s approach:  Multiple Tier-1 Internet providers including Sprint, Level 3 and Verizon
5. Authentication and Access 14 THE RISK Someone can call the provider’s tech support and impersonate you. THE SECURITY IMPERATIVE Tools for identifying callers and confirming their access. Ask a provider about: - Policies governing account access - Policies governing phone support access Intermedia’s approach:  Stringent caller identification procedures  Admins have control over access
6. Dedicated Security Staff and Monitoring 15 THE RISK A provider’s security is only as good as its human capital. THE SECURITY IMPERATIVE The provider must assure that their staff is capable of addressing an ever-changing IT security landscape. Ask a provider about: - Staff experience - Dedicated vs. shared security personnel - What their security staff monitors - What you must monitor on your own Intermedia’s approach:  Employs dedicated, full-time certified security staff  Team monitors all aspects of security
7. Privacy 16 THE RISK Your Exchange provider has access to your personal data. THE SECURITY IMPERATIVE The provider must assure privacy. Ask a provider about: - Privacy guidelines and policies - Meeting requirements of Us Department of Commerce’s Safe Harbor Program Intermedia’s approach:  Registered with the US Dept. of Commerce’s Safe Harbor program, meeting their privacy requirements
8. Audit Reports 17 THE RISK You shouldn’t rely solely on information from the provider itself. THE SECURITY IMPERATIVE You should request third-party validation of the provider’s security claims. Ask a provider about: - Third-party audit reports - Look for SOC 2 reports (as opposed to SAS 70 or SSAE16 reports) - Look for Type I vs. Type II reports (Type II is more stringent) - Request specific “trust principles” details for security, availability, processing integrity, confidentiality and privacy Intermedia’s approach:  SOC 2 Type II audited  Audit applies company-wide, not just at the datacenter level  Audited against all five trust service principles
9. PCI Compliance 18 THE RISK Your provider will have your payment details. THE SECURITY IMPERATIVE Assurance of the safety of your provider’s payment processing systems. Ask a provider about: - PCI Compliance Intermedia’s approach:  Payment processing system is PCI compliant
10. Email Security: Anti-Spam 19 THE RISK Spam wastes bandwidth and distracts employees. THE SECURITY IMPERATIVE The provider must block spam without blocking legitimate email. Ask a provider about: - Anti-spam protection - Granularity of control of settings and black/white lists for end users - Flexibility of spam control for admins Intermedia’s approach:  SpamStopper™ or SpamStopper Pro included with all accounts, free  Company-wide white and black lists  Control over white/black lists through Outlook and OWA  Administrator flexibility to manage spam settings
11. Email Security: Anti-Virus 20 THE RISK Malware can infiltrate your systems and cause massive damage. THE SECURITY IMPERATIVE The provider must scan for and eliminate email- borne malware. Ask a provider about: - Effectiveness of protection - Proactive scanning - Additional costs - Frequency of virus definition updates Intermedia’s approach:  All accounts include VirusStopper™ free of charge  Catches 99.999% of viruses  Virus databases auto- updated multiple times per day  Continuously managed software and virus definitions
12. Email Security: Protection for Mobile Devices 21 THE RISK Mobile devices can introduce security threats— especially personal mobile devices. THE SECURITY IMPERATIVE Enable employees to use mobile devices while mitigating the risks of extended access. Ask a provider about: - Mobile device management - Provider responsibilities - Customer responsibilities Intermedia’s approach:  Admin can set security and message management policies for mobile devices  Remotely wipe mobile devices  Deactivate devices remotely  Set policies account-wide or per user
13. Email Security: Data Replication 22 THE RISK Datacenter hardware can fail unpredictably. THE SECURITY IMPERATIVE The provider must assure the integrity of your data at all times. Ask a provider about: - Data corruption protection - Business continuity - Replication policies Intermedia’s approach:  Runs regular backups  Replicates data in real time  Maintains three copies of data, including tape archives
14. Email Security: Encryption 23 THE RISK Unencrypted email can be accessed and read by unauthorized parties. THE SECURITY IMPERATIVE The provider must offer encryption options to protect your business and employees. Ask a provider about: - Message-level encryption - Encryption of attachments Intermedia’s approach:  Encrypted email solution offered for greater protection  Can be deployed at the account level or the user level  Standards-based encryption (PKI, S/MIME, X.509)  Transport layer encryption via SSL from client to server
Summary 24 1. Multi-tenant platform security 2. Physical security 3. Employee security 4. Redundant Internet Service Providers 5. Authentication and access 6. Dedicated security staff and monitoring Confidential 7. Privacy 8. Audit reports 9. PCI compliance 10. Anti-spam 11. Anti-virus 12. Protection for mobile devices 13. Data replication 14. Encryption 14 Elements of Exchange Security (That You Need to Know Now)
Free Exchange Security White Paper 25 Security and Privacy in a Hosted Exchange Environment - Check your email after the webinar - Details on everything covered in this webinar - Includes a two-page checklist for side- by-side comparisons of providers - You can also request it by calling 800.379.7729 Confidential
Questions? www.intermedia.com 26
Intermedia and the Office in the Cloud 27Confidential
Intermedia: The Business Cloud for SMBs + from the world’s largest provider of hosted Exchange HOSTPILOT® + 28

Recommended

Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Edureka!
 
Cyberoam layer8
Cyberoam layer8Cyberoam layer8
Cyberoam layer8
Aniruddha Mazumder
 
CCNSE
CCNSECCNSE
CCNSE
Riyad Khatib
 
IT Network Security Services
IT Network Security ServicesIT Network Security Services
IT Network Security Services
martinvoelk
 
Fortifying Network Security with a Defense In Depth Strategy - IDC Romania preso
Fortifying Network Security with a Defense In Depth Strategy - IDC Romania presoFortifying Network Security with a Defense In Depth Strategy - IDC Romania preso
Fortifying Network Security with a Defense In Depth Strategy - IDC Romania preso
Network Performance Channel GmbH
 
Topic11
Topic11Topic11
Topic11
Anne Starr
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Edureka!
 
HOW TO EARN CISSP CERTIFICATION?
HOW TO EARN CISSP CERTIFICATION?HOW TO EARN CISSP CERTIFICATION?
HOW TO EARN CISSP CERTIFICATION?
Terro White
 

Recommended

Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Edureka!
 
Cyberoam layer8
Cyberoam layer8Cyberoam layer8
Cyberoam layer8
Aniruddha Mazumder
 
CCNSE
CCNSECCNSE
CCNSE
Riyad Khatib
 
IT Network Security Services
IT Network Security ServicesIT Network Security Services
IT Network Security Services
martinvoelk
 
Fortifying Network Security with a Defense In Depth Strategy - IDC Romania preso
Fortifying Network Security with a Defense In Depth Strategy - IDC Romania presoFortifying Network Security with a Defense In Depth Strategy - IDC Romania preso
Fortifying Network Security with a Defense In Depth Strategy - IDC Romania preso
Network Performance Channel GmbH
 
Topic11
Topic11Topic11
Topic11
Anne Starr
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Edureka!
 
HOW TO EARN CISSP CERTIFICATION?
HOW TO EARN CISSP CERTIFICATION?HOW TO EARN CISSP CERTIFICATION?
HOW TO EARN CISSP CERTIFICATION?
Terro White
 
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSAIDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
Jorge Sebastiao
 
F-Secure E-mail and Server Security
F-Secure E-mail and Server SecurityF-Secure E-mail and Server Security
F-Secure E-mail and Server Security
F-Secure Corporation
 
Security+
Security+Security+
Security+
elshiekh1980
 
ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2
Tanmay Shinde
 
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Edureka!
 
Offensive cyber security engineer updated
Offensive cyber security engineer updatedOffensive cyber security engineer updated
Offensive cyber security engineer updated
InfosecTrain
 
Apani Ov V9
Apani Ov V9Apani Ov V9
Apani Ov V9
ScottBreadmore
 
Client Security - Best security for business workstations
Client Security - Best security for business workstationsClient Security - Best security for business workstations
Client Security - Best security for business workstations
F-Secure Corporation
 
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Edureka!
 
SD-WAN - comSpark 2019
SD-WAN - comSpark 2019SD-WAN - comSpark 2019
SD-WAN - comSpark 2019
Advanced Technology Consulting (ATC)
 
Cyber security standards
Cyber security standardsCyber security standards
Cyber security standards
Vaughan Olufemi ACIB, AICEN, ANIM
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1
Tanmay Shinde
 
Cyber-Leave-Behind-Brochure-Done (1)
Cyber-Leave-Behind-Brochure-Done (1)Cyber-Leave-Behind-Brochure-Done (1)
Cyber-Leave-Behind-Brochure-Done (1)
Sam Norallah
 
102 Information security standards and specifications
102 Information security standards and specifications102 Information security standards and specifications
102 Information security standards and specifications
SsendiSamuel
 
Information Security Basics for Businesses and Individuals
Information Security Basics for Businesses and IndividualsInformation Security Basics for Businesses and Individuals
Information Security Basics for Businesses and Individuals
Josh Moulin, MSISA,CISSP
 
Symantec: čas přítomný a budoucí
Symantec: čas přítomný a budoucíSymantec: čas přítomný a budoucí
Symantec: čas přítomný a budoucí
MarketingArrowECS_CZ
 
Cyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation SlidesCyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation Slides
SlideTeam
 
Trend Micro - Hosted eMail Security
Trend Micro - Hosted eMail SecurityTrend Micro - Hosted eMail Security
Trend Micro - Hosted eMail Security
Teddy Wijaya
 
Zabezpečení mobilních zařízení ve firemním prostředí
Zabezpečení mobilních zařízení ve firemním prostředíZabezpečení mobilních zařízení ve firemním prostředí
Zabezpečení mobilních zařízení ve firemním prostředí
MarketingArrowECS_CZ
 
e commerce security and fraud protection
e commerce security and fraud protectione commerce security and fraud protection
e commerce security and fraud protection
tumetr1
 
Hybrid leadership 2
Hybrid leadership 2Hybrid leadership 2
Hybrid leadership 2
Ercan KAYA
 
สื่อกราฟิก
สื่อกราฟิกสื่อกราฟิก
สื่อกราฟิก
tryvichheka
 

More Related Content

What's hot

IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSAIDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
Jorge Sebastiao
 
F-Secure E-mail and Server Security
F-Secure E-mail and Server SecurityF-Secure E-mail and Server Security
F-Secure E-mail and Server Security
F-Secure Corporation
 
Security+
Security+Security+
Security+
elshiekh1980
 
ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2
Tanmay Shinde
 
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Edureka!
 
Offensive cyber security engineer updated
Offensive cyber security engineer updatedOffensive cyber security engineer updated
Offensive cyber security engineer updated
InfosecTrain
 
Apani Ov V9
Apani Ov V9Apani Ov V9
Apani Ov V9
ScottBreadmore
 
Client Security - Best security for business workstations
Client Security - Best security for business workstationsClient Security - Best security for business workstations
Client Security - Best security for business workstations
F-Secure Corporation
 
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Edureka!
 
SD-WAN - comSpark 2019
SD-WAN - comSpark 2019SD-WAN - comSpark 2019
SD-WAN - comSpark 2019
Advanced Technology Consulting (ATC)
 
Cyber security standards
Cyber security standardsCyber security standards
Cyber security standards
Vaughan Olufemi ACIB, AICEN, ANIM
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1
Tanmay Shinde
 
Cyber-Leave-Behind-Brochure-Done (1)
Cyber-Leave-Behind-Brochure-Done (1)Cyber-Leave-Behind-Brochure-Done (1)
Cyber-Leave-Behind-Brochure-Done (1)
Sam Norallah
 
102 Information security standards and specifications
102 Information security standards and specifications102 Information security standards and specifications
102 Information security standards and specifications
SsendiSamuel
 
Information Security Basics for Businesses and Individuals
Information Security Basics for Businesses and IndividualsInformation Security Basics for Businesses and Individuals
Information Security Basics for Businesses and Individuals
Josh Moulin, MSISA,CISSP
 
Symantec: čas přítomný a budoucí
Symantec: čas přítomný a budoucíSymantec: čas přítomný a budoucí
Symantec: čas přítomný a budoucí
MarketingArrowECS_CZ
 
Cyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation SlidesCyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation Slides
SlideTeam
 
Trend Micro - Hosted eMail Security
Trend Micro - Hosted eMail SecurityTrend Micro - Hosted eMail Security
Trend Micro - Hosted eMail Security
Teddy Wijaya
 
Zabezpečení mobilních zařízení ve firemním prostředí
Zabezpečení mobilních zařízení ve firemním prostředíZabezpečení mobilních zařízení ve firemním prostředí
Zabezpečení mobilních zařízení ve firemním prostředí
MarketingArrowECS_CZ
 
e commerce security and fraud protection
e commerce security and fraud protectione commerce security and fraud protection
e commerce security and fraud protection
tumetr1
 

What's hot (20)

IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSAIDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
 
F-Secure E-mail and Server Security
F-Secure E-mail and Server SecurityF-Secure E-mail and Server Security
F-Secure E-mail and Server Security
 
Security+
Security+Security+
Security+
 
ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2
 
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
 
Offensive cyber security engineer updated
Offensive cyber security engineer updatedOffensive cyber security engineer updated
Offensive cyber security engineer updated
 
Apani Ov V9
Apani Ov V9Apani Ov V9
Apani Ov V9
 
Client Security - Best security for business workstations
Client Security - Best security for business workstationsClient Security - Best security for business workstations
Client Security - Best security for business workstations
 
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
 
SD-WAN - comSpark 2019
SD-WAN - comSpark 2019SD-WAN - comSpark 2019
SD-WAN - comSpark 2019
 
Cyber security standards
Cyber security standardsCyber security standards
Cyber security standards
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1
 
Cyber-Leave-Behind-Brochure-Done (1)
Cyber-Leave-Behind-Brochure-Done (1)Cyber-Leave-Behind-Brochure-Done (1)
Cyber-Leave-Behind-Brochure-Done (1)
 
102 Information security standards and specifications
102 Information security standards and specifications102 Information security standards and specifications
102 Information security standards and specifications
 
Information Security Basics for Businesses and Individuals
Information Security Basics for Businesses and IndividualsInformation Security Basics for Businesses and Individuals
Information Security Basics for Businesses and Individuals
 
Symantec: čas přítomný a budoucí
Symantec: čas přítomný a budoucíSymantec: čas přítomný a budoucí
Symantec: čas přítomný a budoucí
 
Cyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation SlidesCyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation Slides
 
Trend Micro - Hosted eMail Security
Trend Micro - Hosted eMail SecurityTrend Micro - Hosted eMail Security
Trend Micro - Hosted eMail Security
 
Zabezpečení mobilních zařízení ve firemním prostředí
Zabezpečení mobilních zařízení ve firemním prostředíZabezpečení mobilních zařízení ve firemním prostředí
Zabezpečení mobilních zařízení ve firemním prostředí
 
e commerce security and fraud protection
e commerce security and fraud protectione commerce security and fraud protection
e commerce security and fraud protection
 

Viewers also liked

Hybrid leadership 2
Hybrid leadership 2Hybrid leadership 2
Hybrid leadership 2
Ercan KAYA
 
สื่อกราฟิก
สื่อกราฟิกสื่อกราฟิก
สื่อกราฟิก
tryvichheka
 
สื่อกราฟิก
สื่อกราฟิกสื่อกราฟิก
สื่อกราฟิก
tryvichheka
 
1612 ict topic1_2
1612 ict topic1_21612 ict topic1_2
1612 ict topic1_2
Sultan Ashfaq
 
Leadership quotes
Leadership quotesLeadership quotes
Leadership quotes
Ercan KAYA
 
Codigo etico final
Codigo etico finalCodigo etico final
Codigo etico final
Somos Griñon
 
Leadership Lessons
Leadership Lessons Leadership Lessons
Leadership Lessons
Ercan KAYA
 
Liderlik
LiderlikLiderlik
Liderlik
Ercan KAYA
 
Triz sunum
Triz sunumTriz sunum
Triz sunum
Ercan KAYA
 
44 keith f. mello - 5957733 - electrical terminal connector
44 keith f. mello - 5957733 - electrical terminal connector44 keith f. mello - 5957733 - electrical terminal connector
44 keith f. mello - 5957733 - electrical terminal connector
Mello_Patent_Registry
 
112 andrew fire - 7622633 - genetic inhibition by double-stranded rna
112 andrew fire - 7622633 - genetic inhibition by double-stranded rna112 andrew fire - 7622633 - genetic inhibition by double-stranded rna
112 andrew fire - 7622633 - genetic inhibition by double-stranded rna
Mello_Patent_Registry
 

Viewers also liked (11)

Hybrid leadership 2
Hybrid leadership 2Hybrid leadership 2
Hybrid leadership 2
 
สื่อกราฟิก
สื่อกราฟิกสื่อกราฟิก
สื่อกราฟิก
 
สื่อกราฟิก
สื่อกราฟิกสื่อกราฟิก
สื่อกราฟิก
 
1612 ict topic1_2
1612 ict topic1_21612 ict topic1_2
1612 ict topic1_2
 
Leadership quotes
Leadership quotesLeadership quotes
Leadership quotes
 
Codigo etico final
Codigo etico finalCodigo etico final
Codigo etico final
 
Leadership Lessons
Leadership Lessons Leadership Lessons
Leadership Lessons
 
Liderlik
LiderlikLiderlik
Liderlik
 
Triz sunum
Triz sunumTriz sunum
Triz sunum
 
44 keith f. mello - 5957733 - electrical terminal connector
44 keith f. mello - 5957733 - electrical terminal connector44 keith f. mello - 5957733 - electrical terminal connector
44 keith f. mello - 5957733 - electrical terminal connector
 
112 andrew fire - 7622633 - genetic inhibition by double-stranded rna
112 andrew fire - 7622633 - genetic inhibition by double-stranded rna112 andrew fire - 7622633 - genetic inhibition by double-stranded rna
112 andrew fire - 7622633 - genetic inhibition by double-stranded rna
 

Similar to Security With Hosted Exchange

IBM Messaging Security - Why securing your environment is important : IBM Int...
IBM Messaging Security - Why securing your environment is important : IBM Int...IBM Messaging Security - Why securing your environment is important : IBM Int...
IBM Messaging Security - Why securing your environment is important : IBM Int...
Leif Davidsen
 
3433 IBM messaging security why securing your environment is important-feb2...
3433 IBM messaging security why securing your environment is important-feb2...3433 IBM messaging security why securing your environment is important-feb2...
3433 IBM messaging security why securing your environment is important-feb2...
Robert Parker
 
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays
 
Ecommerce Security
Ecommerce SecurityEcommerce Security
Ecommerce Security
Rebecca Jones
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commerce
m8817
 
Top 5 Ways How Accounting Firms Can Protect Their Client Data
Top 5 Ways How Accounting Firms Can Protect Their Client Data Top 5 Ways How Accounting Firms Can Protect Their Client Data
Top 5 Ways How Accounting Firms Can Protect Their Client Data
Avni Rajput
 
Ais Romney 2006 Slides 08 Is Control2
Ais Romney 2006 Slides 08 Is Control2Ais Romney 2006 Slides 08 Is Control2
Ais Romney 2006 Slides 08 Is Control2
Sharing Slides Training
 
Ais Romney 2006 Slides 08 Is Control2
Ais Romney 2006 Slides 08 Is Control2Ais Romney 2006 Slides 08 Is Control2
Ais Romney 2006 Slides 08 Is Control2
sharing notes123
 
Cloud computing risks
Cloud computing risksCloud computing risks
Cloud computing risks
sripriya78
 
AWS Summit Stockholm 2014 – T2 – Understanding AWS security
AWS Summit Stockholm 2014 – T2 – Understanding AWS securityAWS Summit Stockholm 2014 – T2 – Understanding AWS security
AWS Summit Stockholm 2014 – T2 – Understanding AWS security
Amazon Web Services
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
IBM
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP Leaks
Hokme
 
Module 10 e security-en
Module 10 e security-enModule 10 e security-en
Module 10 e security-en
Institute of Entrepreneurship Development
 
Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-
Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-
Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-
WilheminaRossi174
 
Defending Your IBM i Against Malware
Defending Your IBM i Against MalwareDefending Your IBM i Against Malware
Defending Your IBM i Against Malware
Precisely
 
Small Business Administration Recommendations
Small Business Administration RecommendationsSmall Business Administration Recommendations
Small Business Administration Recommendations
Meg Weber
 
Why Network and Endpoint Security Isn’t Enough
Why Network and Endpoint Security Isn’t EnoughWhy Network and Endpoint Security Isn’t Enough
Why Network and Endpoint Security Isn’t Enough
Imperva
 
Policy for PDO
Policy for PDOPolicy for PDO
Policy for PDO
Hajer alriyami
 
Information Security Seminar
Information Security SeminarInformation Security Seminar
Information Security Seminar
Acend Corporate Learning
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommuters
Rishabh Gupta
 

Similar to Security With Hosted Exchange (20)

IBM Messaging Security - Why securing your environment is important : IBM Int...
IBM Messaging Security - Why securing your environment is important : IBM Int...IBM Messaging Security - Why securing your environment is important : IBM Int...
IBM Messaging Security - Why securing your environment is important : IBM Int...
 
3433 IBM messaging security why securing your environment is important-feb2...
3433 IBM messaging security why securing your environment is important-feb2...3433 IBM messaging security why securing your environment is important-feb2...
3433 IBM messaging security why securing your environment is important-feb2...
 
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
 
Ecommerce Security
Ecommerce SecurityEcommerce Security
Ecommerce Security
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commerce
 
Top 5 Ways How Accounting Firms Can Protect Their Client Data
Top 5 Ways How Accounting Firms Can Protect Their Client Data Top 5 Ways How Accounting Firms Can Protect Their Client Data
Top 5 Ways How Accounting Firms Can Protect Their Client Data
 
Ais Romney 2006 Slides 08 Is Control2
Ais Romney 2006 Slides 08 Is Control2Ais Romney 2006 Slides 08 Is Control2
Ais Romney 2006 Slides 08 Is Control2
 
Ais Romney 2006 Slides 08 Is Control2
Ais Romney 2006 Slides 08 Is Control2Ais Romney 2006 Slides 08 Is Control2
Ais Romney 2006 Slides 08 Is Control2
 
Cloud computing risks
Cloud computing risksCloud computing risks
Cloud computing risks
 
AWS Summit Stockholm 2014 – T2 – Understanding AWS security
AWS Summit Stockholm 2014 – T2 – Understanding AWS securityAWS Summit Stockholm 2014 – T2 – Understanding AWS security
AWS Summit Stockholm 2014 – T2 – Understanding AWS security
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP Leaks
 
Module 10 e security-en
Module 10 e security-enModule 10 e security-en
Module 10 e security-en
 
Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-
Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-
Chapter 4Secure Design PrinciplesCopyright © 2014 by McGraw-
 
Defending Your IBM i Against Malware
Defending Your IBM i Against MalwareDefending Your IBM i Against Malware
Defending Your IBM i Against Malware
 
Small Business Administration Recommendations
Small Business Administration RecommendationsSmall Business Administration Recommendations
Small Business Administration Recommendations
 
Why Network and Endpoint Security Isn’t Enough
Why Network and Endpoint Security Isn’t EnoughWhy Network and Endpoint Security Isn’t Enough
Why Network and Endpoint Security Isn’t Enough
 
Policy for PDO
Policy for PDOPolicy for PDO
Policy for PDO
 
Information Security Seminar
Information Security SeminarInformation Security Seminar
Information Security Seminar
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommuters
 

Recently uploaded

TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
Daiki Mogmet Ito
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Zilliz
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
IndexBug
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
Recommendation System using RAG Architecture
Recommendation System using RAG ArchitectureRecommendation System using RAG Architecture
Recommendation System using RAG Architecture
fredae14
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
Webinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data WarehouseWebinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data Warehouse
Federico Razzoli
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
Zilliz
 

Recently uploaded (20)

TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
Recommendation System using RAG Architecture
Recommendation System using RAG ArchitectureRecommendation System using RAG Architecture
Recommendation System using RAG Architecture
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
Webinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data WarehouseWebinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data Warehouse
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
 

Security With Hosted Exchange

  • 1. Security With Hosted Exchange: What You Need to Know Now Panelists Ryan Barrett, Vice President, Security and Privacy Marc Blakeney, Director, Product Marketing, Office in the Cloud & Exchange
  • 2. Mark Blakeney Director, Product Marketing, Office in the Cloud & Exchange Ryan Barrett Vice President, Security & Privacy Questions We love questions. If you have one during the webinar, please expand the GoToWebinar chat window and ask away. Following the webinar we will address as many questions as we can. Welcome—Thank You for Joining Us
  • 3. Office in the Cloud: Our Suite of Services Office IN THE Cloud™ Email File Management Collaboration Backup & Security Cloud Server Mobility Voice Services Reliability You can trust the cloud to securely underpin your business. Empowerment You can manage and use your cloud any way you want. Support You can rely on us 24/7 to assure ease of doing business. INTERMEDIA’S DIFFERENCE: THE WORRY-FREE EXPERIENCE HostPilot® Control Panel 3
  • 4. Agenda 1. The Importance of Exchange Security 2. 14 Elements of Exchange Security (That You Need to Know Now) 3. Questions and Q&A 4
  • 5. The Importance of Exchange Security 5Confidential
  • 6. 6 Why Does Exchange Security Matter? A breach in email security could… … infect your own systems … corrupt your business-critical systems and data … require extensive time and resources to recover … cause lost revenue and missed business opportunities … infect your customers/partners systems … infect your competitors’ systems … open you up to legal liability
  • 7. 7 Why is the Cloud Actually More Secure? Hosted Exchange security far exceeds the reasonable capacity of the average business’s in-house IT team. - Physical security - Datacenter facilities - Hardware and software - Third-party auditing - And much, much more
  • 8. 8 Poll Question Confidential What are your top email security concerns? (select all that apply)  Data loss or theft  Data corruption or recovery  Virus infections  Regulatory compliance  None of the above
  • 9. 14 Elements of Exchange Security (That You Need to Know Now) 9
  • 10. 1. Multi-Tenant Platform Security 10 THE RISK Datacenters are hosting multiple clients simultaneously. THE SECURITY IMPERATIVE The provider must protect against unauthorized access between accounts. Ask a provider about: - Firewalls - VPNs - Traffic management tools - Intrusion Protection Systems Intermedia’s approach:  Redundant, enterprise-class firewalls  Multiple Intrusion Prevention Systems (IPS) employed (host and network)
  • 11. 2. Physical Security 11 THE RISK Your data is vulnerable where it exists in the real world. THE SECURITY IMPERATIVE The providers’ datacenters must be physically protected. Ask a provider about: - Cameras - Perimeter security - Employee access controls Intermedia’s approach:  Closed-circuit TV  Secure access policies  Security guards
  • 12. 3. Employee Security 12 THE RISK Exchange provider employees require access to your data. THE SECURITY IMPERATIVE The provider must vouch for the trustworthiness and competency of their employees. Ask a provider about: - Background checks - Employee experience - Do they have dedicated personnel? - Training and certifications - Outsourcing Intermedia’s approach:  Background checks  Two-factor authentication and role-based access control  Restricted server access
  • 13. 4. Redundant Internet Service Providers 13 THE RISK The datacenter must be connected to the Internet in order to provide service. THE SECURITY IMPERATIVE Protection against provider downtime and Distributed Denial of Service attacks? Ask a provider about: - Who are their Internet Service Providers? - DDoS protection - Mitigation technologies Intermedia’s approach:  Multiple Tier-1 Internet providers including Sprint, Level 3 and Verizon
  • 14. 5. Authentication and Access 14 THE RISK Someone can call the provider’s tech support and impersonate you. THE SECURITY IMPERATIVE Tools for identifying callers and confirming their access. Ask a provider about: - Policies governing account access - Policies governing phone support access Intermedia’s approach:  Stringent caller identification procedures  Admins have control over access
  • 15. 6. Dedicated Security Staff and Monitoring 15 THE RISK A provider’s security is only as good as its human capital. THE SECURITY IMPERATIVE The provider must assure that their staff is capable of addressing an ever-changing IT security landscape. Ask a provider about: - Staff experience - Dedicated vs. shared security personnel - What their security staff monitors - What you must monitor on your own Intermedia’s approach:  Employs dedicated, full-time certified security staff  Team monitors all aspects of security
  • 16. 7. Privacy 16 THE RISK Your Exchange provider has access to your personal data. THE SECURITY IMPERATIVE The provider must assure privacy. Ask a provider about: - Privacy guidelines and policies - Meeting requirements of Us Department of Commerce’s Safe Harbor Program Intermedia’s approach:  Registered with the US Dept. of Commerce’s Safe Harbor program, meeting their privacy requirements
  • 17. 8. Audit Reports 17 THE RISK You shouldn’t rely solely on information from the provider itself. THE SECURITY IMPERATIVE You should request third-party validation of the provider’s security claims. Ask a provider about: - Third-party audit reports - Look for SOC 2 reports (as opposed to SAS 70 or SSAE16 reports) - Look for Type I vs. Type II reports (Type II is more stringent) - Request specific “trust principles” details for security, availability, processing integrity, confidentiality and privacy Intermedia’s approach:  SOC 2 Type II audited  Audit applies company-wide, not just at the datacenter level  Audited against all five trust service principles
  • 18. 9. PCI Compliance 18 THE RISK Your provider will have your payment details. THE SECURITY IMPERATIVE Assurance of the safety of your provider’s payment processing systems. Ask a provider about: - PCI Compliance Intermedia’s approach:  Payment processing system is PCI compliant
  • 19. 10. Email Security: Anti-Spam 19 THE RISK Spam wastes bandwidth and distracts employees. THE SECURITY IMPERATIVE The provider must block spam without blocking legitimate email. Ask a provider about: - Anti-spam protection - Granularity of control of settings and black/white lists for end users - Flexibility of spam control for admins Intermedia’s approach:  SpamStopper™ or SpamStopper Pro included with all accounts, free  Company-wide white and black lists  Control over white/black lists through Outlook and OWA  Administrator flexibility to manage spam settings
  • 20. 11. Email Security: Anti-Virus 20 THE RISK Malware can infiltrate your systems and cause massive damage. THE SECURITY IMPERATIVE The provider must scan for and eliminate email- borne malware. Ask a provider about: - Effectiveness of protection - Proactive scanning - Additional costs - Frequency of virus definition updates Intermedia’s approach:  All accounts include VirusStopper™ free of charge  Catches 99.999% of viruses  Virus databases auto- updated multiple times per day  Continuously managed software and virus definitions
  • 21. 12. Email Security: Protection for Mobile Devices 21 THE RISK Mobile devices can introduce security threats— especially personal mobile devices. THE SECURITY IMPERATIVE Enable employees to use mobile devices while mitigating the risks of extended access. Ask a provider about: - Mobile device management - Provider responsibilities - Customer responsibilities Intermedia’s approach:  Admin can set security and message management policies for mobile devices  Remotely wipe mobile devices  Deactivate devices remotely  Set policies account-wide or per user
  • 22. 13. Email Security: Data Replication 22 THE RISK Datacenter hardware can fail unpredictably. THE SECURITY IMPERATIVE The provider must assure the integrity of your data at all times. Ask a provider about: - Data corruption protection - Business continuity - Replication policies Intermedia’s approach:  Runs regular backups  Replicates data in real time  Maintains three copies of data, including tape archives
  • 23. 14. Email Security: Encryption 23 THE RISK Unencrypted email can be accessed and read by unauthorized parties. THE SECURITY IMPERATIVE The provider must offer encryption options to protect your business and employees. Ask a provider about: - Message-level encryption - Encryption of attachments Intermedia’s approach:  Encrypted email solution offered for greater protection  Can be deployed at the account level or the user level  Standards-based encryption (PKI, S/MIME, X.509)  Transport layer encryption via SSL from client to server
  • 24. Summary 24 1. Multi-tenant platform security 2. Physical security 3. Employee security 4. Redundant Internet Service Providers 5. Authentication and access 6. Dedicated security staff and monitoring Confidential 7. Privacy 8. Audit reports 9. PCI compliance 10. Anti-spam 11. Anti-virus 12. Protection for mobile devices 13. Data replication 14. Encryption 14 Elements of Exchange Security (That You Need to Know Now)
  • 25. Free Exchange Security White Paper 25 Security and Privacy in a Hosted Exchange Environment - Check your email after the webinar - Details on everything covered in this webinar - Includes a two-page checklist for side- by-side comparisons of providers - You can also request it by calling 800.379.7729 Confidential
  • 27. Intermedia and the Office in the Cloud 27Confidential
  • 28. Intermedia: The Business Cloud for SMBs + from the world’s largest provider of hosted Exchange HOSTPILOT® + 28