<div>
Use the following architecture:<br />
<br />
Server&lt;=&gt;Exchange&lt;=&gt;Firewa<wbr />ll&lt;=&gt;DMZ-M<wbr />ail Server&lt;====&gt;WAN.........WA<wbr />N&lt;=&gt;FW Client&lt;=&gt;Staff laptop.<br />
<br />
If you wish to send secured e-Mails to your clients, you may use a FW system along with a VPN clinet (on the client side) and that is to open a secured tunnlled sesion. While this session is ON than the client wont have the ability to surf the web but Just to get external company's mail...<br />
<br />
If you want to further develop the idea (along with the prevention of laptop theef using IPSec architecture...just speak to me... and I'll provide you with all the stuff you need - like Sid Barret)...<br />
<br />
Cyber
</div>


<div>
Security....<br />
<br />
What are the main risks that you perceive here? <br />
1) E-mail transmission being sniffed? =&gt; Encryption.<br />
2) Unauthorized reading of documents in the receiving end? =&gt; Encryption or password-protected files.<br />
3) Confidential files being mailed away, unbeknownst to you, by a virus? =&gt; Migrate from windows/outlook/exchange to something else.<br />
<br />
I'd say the second weakest link is network and system vulnerability, so a changeover to less vulnerable software in the e-mail and internet browsing department is a good idea (Mozilla instead of Internet Explorer, Pegasus instead of Outlook etc). The weakest link is often the people involved. Users who do not lock their workstations during breaks, as an example, or users leaving opened documents on screen when going away, stuff like that. When you have people-related issues under control you can begin thinking of transmission security.<br />
/RID
</div>


<div>
I fully agree with implementing all of the above solutions but, if security is that big of an issue with these documents, why not consider the postal service. &nbsp;The highest level of internet security is not using the internet!<br />
~~points to RID, just taking it one step farther.~~
</div>


<div>
Get a good, easy to implement email encryption solution from <a href="http://www.ciphertrust.com" rel="ugc">www.ciphertrust.com</a>, or similar.<br />
<br />

</div>


<div>
<div class="content wysiwyg-content">
I have been asked by my employer to research what can be done to implement a more secure email service into the company network. Currently the network, which runs on Windows Adv Server 2000, uses Exchange Server 5.5 and each member of staff has their own individual internal and external address which they can access using Outlook. It is going to be become necessary in the next few months for the company to start sending out confidential documents through email such as scans of medical files and emails containing other confidential information. What is the best way that I can go about securing the output from the office? Is there any secure hosting that you can recommend (I am based in the UK) or or would I be better off arranging for digital certificates to be purchased for the individual email accounts (such as that offered by verisign)? Any help you can offer me would be greatly appreciated :)
</div>
</div>


I have been asked by my employer to research what can be done to implement a more secure email service into the company network. Currently the network, which runs on Windows Adv Server 2000, uses Exchange Server 5.5 and each member of staff has their own individual internal and external address which they can access using Outlook. It is going to be become necessary in the next few months for the company to start sending out confidential documents through email such as scans of medical files and emails containing other confidential information. What is the best way that I can go about securing the output from the office? Is there any secure hosting that you can recommend (I am based in the UK) or or would I be better off arranging for digital certificates to be purchased for the individual email accounts (such as that offered by verisign)? Any help you can offer me would be greatly appreciated :)

Email security

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

Internet Protocol Security (IPsec) is a protocol suite for secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. IPsec can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host). IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite.