Solved

Antispam third party service security

Posted on 2014-10-21
4
149 Views
Last Modified: 2014-10-27
Hello All,

We are trying to implement an Antispam cloud service. All of our inbound emails will be passing through them first and then relayed to us.

I am a little concern if they will be holding a copy of our emails somewhere and wanted to know if there is anything that I can ask them to provide to us in order to assure confidentiality, something that will also serve us to provide to our IT auditors in the future.

Any ideas will be greatly appreciated.

Thanks!
0
Comment
Question by:LuiLui77
  • 2
4 Comments
 
LVL 28

Accepted Solution

by:
jhyiesla earned 500 total points
ID: 40394443
Basically you need to do just what you said - ask them if they are a store and forward service or just a forward service.  Then ask for documentation showing proof of their statement and I'd consider putting it into the contract if possible. If they are going to store them at all and you're OK with that - which isn't necessarily a bad thing, you need some signed documentation showing the level of security they have on their systems.  As  company we usually write these kinds of things either into the contracts or as a part of a Business Associate agreement. If they don't offer what you need or can't provide the signed documentation or you have some uneasiness about them, I'd move on to another service.
0
 

Author Comment

by:LuiLui77
ID: 40394533
Great advise, thank you jhyiesla!

I will be asking them for it.
0
 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 40395083
We are using Fusemail where they not only provide anti-spam and anti-virus but they provide web browser access to email functionality in an event of your in-house mail failure.  Look at their website for email security and email continuity features so that you could ask for same thing from your provider.  Their website is www.fusemail.com
0
 

Author Closing Comment

by:LuiLui77
ID: 40406645
Hello All,

All documents need were provided. I had to sign an NDA though, which it sounds logical.

Thanks to you all!
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
February 24, 2017 — On February 23, Travis Ormandy, a vulnerability researcher at Google, reported on Twitter (https://twitter.com/taviso/status/834900838837411840) that massive stores of data have been leaked by CloudFlare, a company that provide…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question