Security efforts can't be mailed in

Federal agencies need to ensure that their e-mail systems are as secure as possible, and the best way to do that is by doing a thorough check of the system, according to Christopher Klaus, founder and chief technology officer at Internet Security Systems Inc.

"Some security holes have been found in all e-mail products," he said. "I'd recommend doing a security assessment to see if all the security patches have been installed and if all the security settings are where they should be."

Though smart security policies are more important than the choice of an e-mail system, Microsoft Corp. products are more often targeted by virus and worm writers because of the company's high profile. That doesn't mean that the company's products have more security flaws, only that more attacks are designed to target them.

Choosing lower-profile products can reduce the likelihood of being attacked, but that isn't the best approach to security, Klaus said. "The security risk doesn't go away, it is just that less people are focused on" that e-mail system, he said. "The long-term solution is the ability to stay on top of security problems."

Using other software would only encourage more attacks on those other products, he pointed out. "If we told the whole world to switch from Microsoft to [other products] for security concerns, we'd be in the same mess."

Featured

  • Defense
    DOD photo by Senior Airman Perry Aston  11th Wing Public Affairs

    How DOD's executive exodus could affect tech modernization

    Back-to-back resignations raise concerns about how things will be run without permanent leadership in key areas from policy to tech development.

  • Budget
    cybersecurity (vs148/Shutterstock.com)

    House's DHS funding bill would create public-private cyber center

    The legislation would give $2.25 billion to DHS' cyber wing and set up an integrated cybersecurity center with other agencies, state and local governments and private industry.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.