Solved

Antispam third party service security

Posted on 2014-10-21
4
141 Views
Last Modified: 2014-10-27
Hello All,

We are trying to implement an Antispam cloud service. All of our inbound emails will be passing through them first and then relayed to us.

I am a little concern if they will be holding a copy of our emails somewhere and wanted to know if there is anything that I can ask them to provide to us in order to assure confidentiality, something that will also serve us to provide to our IT auditors in the future.

Any ideas will be greatly appreciated.

Thanks!
0
Comment
Question by:LuiLui77
  • 2
4 Comments
 
LVL 28

Accepted Solution

by:
jhyiesla earned 500 total points
Comment Utility
Basically you need to do just what you said - ask them if they are a store and forward service or just a forward service.  Then ask for documentation showing proof of their statement and I'd consider putting it into the contract if possible. If they are going to store them at all and you're OK with that - which isn't necessarily a bad thing, you need some signed documentation showing the level of security they have on their systems.  As  company we usually write these kinds of things either into the contracts or as a part of a Business Associate agreement. If they don't offer what you need or can't provide the signed documentation or you have some uneasiness about them, I'd move on to another service.
0
 

Author Comment

by:LuiLui77
Comment Utility
Great advise, thank you jhyiesla!

I will be asking them for it.
0
 
LVL 24

Expert Comment

by:Mohammed Khawaja
Comment Utility
We are using Fusemail where they not only provide anti-spam and anti-virus but they provide web browser access to email functionality in an event of your in-house mail failure.  Look at their website for email security and email continuity features so that you could ask for same thing from your provider.  Their website is www.fusemail.com
0
 

Author Closing Comment

by:LuiLui77
Comment Utility
Hello All,

All documents need were provided. I had to sign an NDA though, which it sounds logical.

Thanks to you all!
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now