Focus on Microsoft
Security and Implications of Hosted Exchange Nov 15 2007 07:11PM
Dan Denton (ddenton remitpro com) (1 replies)
Re: Security and Implications of Hosted Exchange Nov 16 2007 04:34PM
Roland Dobbins (rdobbins cisco com) (2 replies)
Re: Security and Implications of Hosted Exchange Nov 16 2007 05:23PM
Shayne Sales (razman gmail com) (1 replies)
RE: Security and Implications of Hosted Exchange Nov 16 2007 05:36PM
Dan Denton (ddenton remitpro com) (1 replies)
Thanks all for the many replies, they have all been helpful. The opinions
I've received are similar to what my presumptions were. Thanks again!

-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On
Behalf Of Shayne Sales
Sent: Friday, November 16, 2007 11:24 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Re: Security and Implications of Hosted Exchange

Past companies I have worked with, who have used Hosted Exchange
services, the provider used SSL to secure the access.

OWA over SSL
and also RPC over HTTPS (SSL) for direct Outlook client Access. (2003
and Newer Outlook Clients I believe)

As for the user info, the providers I saw in use, did not need nor
require any user info. The providers had Web Based administration to
add/remove/edit user accounts, and the person doing this filled in as
much or little personal info as they want.

I also assume that being it is a hosted solution, they farm out the
exchange server to numerous other companies, but if done right, you
never noticed, you don't see the other clients in the GAL nor the
Public Folders.

The biggest concern I had with this method was Data Recovery... If the
provider should go under, what means and legalities are needed to
obtain your data back from them?

Hope that helps somewhat.

On 16-Nov-07, at 9:34 AM, Roland Dobbins wrote:

>
> On Nov 15, 2007, at 11:11 AM, Dan Denton wrote:
>
>> But, having the features of
>> Exchange without having to backup/restore the system or worry about
>> patches
>> and fixes is pretty attractive.
>
> I'm sure at least some of the folks who offer hosted Exchange would
> also offer a VPN service whereby the Exchange server wouldn't be
> exposed to the general Internet (or to other servers for other
> customers), but would be isolated with all appropriate network, host
> OS, and application BCPs, and accessible only via a VPN of some sort.
>
> -----------------------------------------------------------------------
> Roland Dobbins <rdobbins (at) cisco (dot) com [email concealed]> // 408.527.6376 voice
>
> Culture eats strategy for breakfast.
>
> -- Ford Motor Company
>
>

[ reply ]
RE: Security and Implications of Hosted Exchange Nov 26 2007 03:32PM
Wayne Anderson (wfrazee wynweb net)
RE: Security and Implications of Hosted Exchange Nov 16 2007 04:47PM
Sean Tindall (sean bulletproofnetworks ca) (1 replies)
Re: Security and Implications of Hosted Exchange Nov 16 2007 05:06PM
Roland Dobbins (rdobbins cisco com)


 

Privacy Statement
Copyright 2010, SecurityFocus