Security efforts can't be mailed in

Federal agencies need to ensure that their e-mail systems are as secure as possible, and the best way to do that is by doing a thorough check of the system, according to Christopher Klaus, founder and chief technology officer at Internet Security Systems Inc.

"Some security holes have been found in all e-mail products," he said. "I'd recommend doing a security assessment to see if all the security patches have been installed and if all the security settings are where they should be."

Though smart security policies are more important than the choice of an e-mail system, Microsoft Corp. products are more often targeted by virus and worm writers because of the company's high profile. That doesn't mean that the company's products have more security flaws, only that more attacks are designed to target them.

Choosing lower-profile products can reduce the likelihood of being attacked, but that isn't the best approach to security, Klaus said. "The security risk doesn't go away, it is just that less people are focused on" that e-mail system, he said. "The long-term solution is the ability to stay on top of security problems."

Using other software would only encourage more attacks on those other products, he pointed out. "If we told the whole world to switch from Microsoft to [other products] for security concerns, we'd be in the same mess."

Featured

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

Stay Connected