Corporate policies on web mail services like Hotmail?
From: SpellCaster (SpellCaster@weehawken-nj.us)
Date: 12/06/02
- Next message: Richard Pitt: "Re: Corporate policies on web mail services like Hotmail?"
- Previous message: James Preston: "Re: What determines which Cipher is used?"
- Next in thread: Richard Pitt: "Re: Corporate policies on web mail services like Hotmail?"
- Reply: Richard Pitt: "Re: Corporate policies on web mail services like Hotmail?"
- Reply: those who know me have no need of my name: "Re: Corporate policies on web mail services like Hotmail?"
- Reply: Tiger Hillside: "Re: Corporate policies on web mail services like Hotmail?"
- Reply: John Elsbury: "Re: Corporate policies on web mail services like Hotmail?"
- Reply: Barry Margolin: "Re: Corporate policies on web mail services like Hotmail?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "SpellCaster" <SpellCaster@weehawken-nj.us> Date: Fri, 06 Dec 2002 02:34:51 GMT
Greetings...
I am an infosec type at a US corporation and have been asked for some input into whether we should be allowing users of our network to access webmail servers like YahooMail and HotMail.
On the one hand, I see the risks - filters for JavaScript and HTML are not perfect and may result in code being executed on the client. Attachments in webmail messages are not processed by the gateway virus checker we have in place.
On the other hand, are these risks that much greater than those posed by users visiting any other web site? Bad JavaScript and HTML may lurk on other sites (I am thinking of web based bulletin boards and forums). We have anti virus software at the desktop which is scanning files as they are downloaded.
Do you think that the risks posed merit taking away the ability for our employees to check their personal mail?
Any opinions on this issue would be greatly appreciated.
SC
- Next message: Richard Pitt: "Re: Corporate policies on web mail services like Hotmail?"
- Previous message: James Preston: "Re: What determines which Cipher is used?"
- Next in thread: Richard Pitt: "Re: Corporate policies on web mail services like Hotmail?"
- Reply: Richard Pitt: "Re: Corporate policies on web mail services like Hotmail?"
- Reply: those who know me have no need of my name: "Re: Corporate policies on web mail services like Hotmail?"
- Reply: Tiger Hillside: "Re: Corporate policies on web mail services like Hotmail?"
- Reply: John Elsbury: "Re: Corporate policies on web mail services like Hotmail?"
- Reply: Barry Margolin: "Re: Corporate policies on web mail services like Hotmail?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
