3 Ways Security Gateway for Email Helps Businesses Stay Compliant

Staying informed of the latest data privacy regulations can be a challenging endeavor, with a plethora of different security and retention requirements based on industry. And as these laws and regulations continue to evolve, businesses will need to evolve as well to keep up.

The timeline for compliance with new data privacy laws is “yesterday”

As Cynthia Cole, special counsel in the Palo Alto technology practice at law firm Baker Botts says in a recent interview, the timeline for data privacy compliance is “yesterday”. And because cybercriminals continue to target users with phishing campaigns and malware downloads, user education continues be a top priority.

So whether you use Office 365, Microsoft Exchange, or any other on premise or cloud hosted email service, are you confident you are protected from accidental or intentional exposure of confidential information contained in email, such as Social Security or Tax-ID numbers, or bank account numbers?

Archiving with Data Retention & Legal Hold in Security Gateway

Security Gateway includes built-in archiving and data retention policies, plus legal hold, to help businesses meet evolving data retention laws. It’s simple to set up and can help your business avoid serious litigation headaches.

Prevent Leaks of Sensitive Data

Companies of all sizes continue to suffer data breaches, and while the larger victims often make the news, many smaller companies don’t, and as many businesses have reported losses, countless more have fallen victim but have chosen not to report the incident in order to protect their reputation.

A small, early investment in additional email security and compliance can help your business avoid much costlier losses later.

Security Gateway’s Data Leak Prevention feature can help protect businesses against the loss of confidential business data transmitted via email, such as PHI (protected health information), financial data, Social Security numbers, and much more. Messages containing sensitive data can be encrypted or sent to the administrative quarantine for further review.

If you’re ready to start protecting your business against regulatory violations and data leaks, sign up for a free trial of Security Gateway for Email, and if you have questions, leave us a comment or click here to contact us by phone or email.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

The Recent Concerns with OpenPGP and S/MIME Encryption

On Monday, May 14th, the Electronic Frontier Foundation (EFF) reported that European researchers had discovered core problems and commonplace implementation flaws in the S/MIME and OpenPGP protocol specifications. The vulnerability, which the researchers have described as EFAIL, can reportedly expose the content of encrypted emails (even messages sent in the past) to be viewed. The EFAIL vulnerability affects many email clients that use S/MIME and OpenPGP. There is a list of email clients with vulnerabilities by protocol in an article posted at thehackernews.com.

It’s very important to understand that to be at risk for this vulnerability, attackers would need access to your emails. This means that your email system has been compromised by an attacker who has access to the encrypted emails through tactics such as eavesdropping on network traffic (also known as a man-in-the-middle (MITM) attack), compromised email accounts, access to email servers, backup systems or client computers, usually achieved through social engineering attacks, such as Phishing and other tactics.

We have checked our own web-based email client (MDaemon Webmail) and our MDaemon OpenPGP-based encryption feature. Our results show that MDaemon Webmail is not vulnerable. However, the MDaemon email server OpenPGP feature is partially vulnerable to one implementation flaw. We have released a patch for affected versions of MDaemon email software, which can be found here. The current version of the MDaemon email server, v18.0.1, includes this fix.

A Reminder on the Best Email Security Practices

This latest issue should remind us all about the importance of email security practices as a whole.  Implementing strong passwords, two-factor authentication, location screening, SSL/TLS, SMTP AUTH, IP Shielding, dynamic screening, freezing accounts after failed authentication attempts, all play a role in helping to keep your accounts and your email safe. You can review a list of email security features in MDaemon here.

If you’ve implemented security to help protect malicious people from accessing your email accounts, then you are less likely to have an account compromised and you will be better protected against these types of attacks and vulnerabilities.

Ongoing Monitoring

While the researchers go into some depth to expose issues deep within the S/MIME and OpenPGP specification documents, these encryption protocols may need specification changes to address the longer-term issues mentioned in the initial report. MDaemon Technologies will continue to monitor this issue.

Additional Resources

We have provided links to past blog posts that cover a number of email security topics to provide additional information:

Thwart Hackers with Strong Password Policies

Are You Taking the Security of Your Email Account Seriously?

Why Passwords May Not Keep Your Email Safe

Block Incoming Connections by Country with MDaemon’s New Location Screening Feature

SSL & TLS Best Practices

Block Hackers from Guessing Passwords with MDaemon’s Improved Dynamic Screening

Are You Doing Enough to Protect Your Email Privacy?

Follow These 13 Tips to Avoid Being Blacklisted

New Security & Collaboration Features for MDaemon 17.5!

Introducing SecurityGateway 5.0, with New Location Screening, Terms of Service Agreements, and More!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

A New Year and a New Name

As we welcome in a New Year, we are also welcoming a new company name. Alt-N Technologies is transitioning to MDaemon Technologies. This change is now in motion and will be implemented gradually across our many company assets.

We are adopting the new name to better leverage the brand equity and recognition we have built over the many years with our trusted email server. The new name will consolidate our brand and align the company around a globally recognized name.

With the name change also brings the new tag line: Simple Secure Email. We believe this tag line summarizes the value many of our global customers and partners have expressed over the years and is synonymous with the attributes that have made MDaemon a popular email server with many IT professionals and resellers.

We may have a new name but our mission and focus remain the same: develop features in our email server and email gateway products that deliver value (reliability, security, and flexibility) to the IT professionals that put their trust in us.

For more than 20 years we have succeeded by listening to our global customers and delivering exceptional service. We treat our employees, customers and channel partners like family and we believe this is just one of the many reasons why we remain a trusted vendor in an ever changing and competitive email and email security market. We may not be the biggest company you will deal with, but we strive to be the best company you deal with!

To our current customers we thank you for allowing us the opportunity to earn your business. To prospective customers, we ask that you give us a try. Download a free 30 day trial of our products or look at our hosted services and partners.

We look forward to an exciting 2018 and the opportunity to serve you!

Happy New Year,
Kevin

Kevin Beatty
VP, Marketing & Business Development

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Outlook Connector 5.0 Adds New Control & Reporting Features

In addition to all of the new security & collaboration enhancements introduced in MDaemon 17.5, our latest release of Outlook Connector adds additional control for administrators as well as configuration reporting for end users.

Allow or Block Certain Third-Party Outlook Add-ins to Improve Performance

With the wide variety of Outlook add-ins that users can install, one common challenge is making sure these add-ins don’t negatively impact Outlook performance. Beginning with MDaemon 17.5 and Outlook Connector 5.0, administrators can control which add-ins are enabled or disabled on client machines.

Administrator Control of Outlook Add-Ins
Administrator Control of Outlook Add-Ins

New Outlook Connector Features for End Users

Generate an Outlook  Configuration Report to Assist with Support Requests

When submitting an Outlook Connector support request, it is helpful for our support staff to know as much as possible about the Outlook configuration settings on the client computer. Beginning with Outlook Connector 5.0, users can generate a configuration report containing information such as:

  • All Outlook Connector Profiles, including the email address plus the location and size of the local cache file
  • Information about when the Outlook Connector database was last compacted, and the size of the database
  • The current version of the Outlook Connector plug-in
  • Send/receive intervals
Outlook Connector - Generate Configuration Report
Outlook Connector – Generate Configuration Report

In addition to these major updates, we’ve included various minor fixes & enhancements. More information can be found in the release notes, or if you can download our free trial to start using Outlook Connector today!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •