dpkyte Posted March 10, 2006 Posted March 10, 2006 I set up a URL for a customer, as well as an e-mail system. Their main question on this is Security, who can access, how they can access ... Since they are keeping their e-mails (access to it on multiple PC's) on the server what issues need to be addressed? Is there somewhere I can pull information on how secure the e-mail system is, who can access on the TCH end and anything else. I need them to feel safe and secure and need to give them all the info. Thx, DPK Quote
TCH-Bruce Posted March 10, 2006 Posted March 10, 2006 I'm not sure what kind of answer you are looking for. Email is not encrypted on the server so anyone with system level access (techs) have access to read anything in the files. Would they? Not unless required by law. How secure is the URL? That depends on how secure their passwords are. It is the users responsibility to use difficult to guess passwords and change them often if required. Quote
dpkyte Posted March 10, 2006 Author Posted March 10, 2006 I guess a follow up to this would be how secure is this as opposed to other hosting options. Would it be best to have a server on their end where they access the information, that way they have all the e-mails there? And they only have access to it. I suppose a SSL would really not make a difference here since they are using horde or squirrlemail to access? Until I configure outlook express, to point to the server, would doing the outlook make it less secure. In a nutshell, they dont want others accessing their information. Quote
TCH-Tim Posted March 10, 2006 Posted March 10, 2006 You could put a server on their own network, but then you have to worry about server administration (including hardware, operating system, mail server, etc.) administration, server security, network security, and network availability all yourself. And I personally (as a member of the Internet community) have just as much opportunity to hack that server as I do to hack the server TCH hosts. The difference is that TCH does this stuff for a living and they seem to be pretty good at it. If I was concerned about TCH techs reading my email I wouldn't host my sites here and I wouldn't host other people's sites here. I'm sure the TCH techs have other things to do, and like Bruce said, they would only do it if required by law. So don't do anything illegal that might get you busted. When you assess a security solution you need to look at the value of what you are protecting vs. the cost of protecting it. What are they sending in the email? Financial information? Government secrets? Or did they watch the news last night and there was a story about identity theft or something and now they're just being overly paranoid. Have to find the balance. A good place to start is strong passwords. That's usually the easist and most important place to start. Letters, numbers, special characters, nothing that can be found in any dictionary in any language, and so on. If they don't have secure passwords, it doesn't matter how secure the server is or who else can look at the files. Quote
TCH-Don Posted March 10, 2006 Posted March 10, 2006 Don't forget you can access Squirrel Mail securly by using https://my-tch-domain.com:2096/3rdparty/squirrelmail/index.php Quote
dpkyte Posted March 10, 2006 Author Posted March 10, 2006 Thanks guys for the information on this. I feel much better now. Will especially refer to the HTTS URL. DPK Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.