This type of activity also exposes
security concerns on a company-wide level that a diligent hacker could use to their
advantage. Some of the consequences could include stealing great deals of sensitive
proprietary company information, including information about employee salaries,
disciplinary actions, terminations, and company intellectual property information. In this
day and age, it is diffi cult to believe sensitive information would be transmitted in
clear text.
While securing an OWA deployment certainly will not solve every security issue
related to e-mail, it can address those related to providing remote access to e-mail. With
any remote e-mail access solution, the organization should be primarily concerned
with connections from public networks, especially those from public wireless access
points. A few places that are inherently problematic to have users connecting from include
coffee houses, Internet caf?©s, technical conferences (kiosks), and international airports,
all breeding grounds for sniffers. The logon credentials and all e-mail messages
transmitted in these environments can easily be sniffed and captured by malicious
eavesdroppers.
Similarly, there are situations where some corporations do not maintain a local
Exchange Mail system on site, choosing to lease e-mail systems from local Internet
Service Providers (ISPs), but still use OWA or other remote access methods to access their
e-mail when on the road.
Pages:
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341