Re: Need argument for scanning at Exchange

From: Alun Jones [MS MVP] (alun_at_texis.invalid)
Date: 03/26/04


Date: Fri, 26 Mar 2004 19:54:58 GMT

In article <k4276015dcrcn00b0f5trfmtrehok38hkn@4ax.com>, "|{evin"
<You@dont.need> wrote:
>I tried this argument. In my environment, there's less than 20 people
>in our development office directly connected to the exchange server.
>All of our customers access the applications we write via web services
>or Citrix.. we also provide email for them. They can use POP3, OWA, or
>run outlook via citrix... POP3 is by far the most common method.
>
>My manager... his take is that their desktops are their
>responsibility.

Ask him if he's checked with the company lawyers that this is valid
protection from liability claims, should one of your customers get infected
through viruses that were sent through your mailbox.

I don't know what the answer is, because I've not been with any company
that's faced that problem. I bet your manager doesn't know, either.

>We deal with healthcare information... even the threat of some sort of
>disclosure hasn't prompted them...

Disclosure is only one problem - what about corruption of patient data?

>Actually, they aren't excluded.. I have the power to exlude them, but
>I'm seriously pondering setting up a rule to forward all the virus
>notification emails I get from the queue folder to my boss and his
>boss... just to see if I can annoy them into doing it.

Maybe you could have a customer call in, and ask what protection is being
applied to his email account.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]

-- 
Texas Imperial Software   | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place   | alun@texis.com.
Cedar Park TX 78613-1419  | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.


Relevant Pages

  • RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability
    ... I'm not angry with Microsoft. ... MSRC and go to the extremes to protect Microsoft's customers. ... to repeatedly bug the vendor for 3-6 months or more to fix a problem. ... You're making an argument for no disclosure and no accountability... ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Publicly Disclosing A Vulnerability
    ... Exposes customers to unprepared risk by mallicious intruders with the knowledge of the vulnerability. ... People with agreements on its disclosure ...
    (Full-Disclosure)
  • Re: what gives?? Hey Microsoft, HEL-LO....
    ... It's a virus, and as more people click on the attachment ... Take a programming course, and learn more about your system - eventually ... Texas Imperial Software | Find us at http://www.wftpd.com or email ... Cedar Park TX 78613-1419 | WFTPD, WFTPD Pro are Windows FTP servers. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: password expiration
    ... Changing the password for this account would mean ... contacting all of your customers. ... Texas Imperial Software | Try WFTPD, ... Fax/Voice +1258-9858 | read details of WFTPD Pro for NT. ...
    (comp.security.misc)
  • Re: password expiration
    ... Changing the password for this account would mean ... contacting all of your customers. ... Texas Imperial Software | Try WFTPD, ... Fax/Voice +1258-9858 | read details of WFTPD Pro for NT. ...
    (comp.security.misc)