Lotus cc:Mail Security Audit Service 2.15 

THE INFORMATION CONTAINED HEREIN IS PRIVILEGED AND CONFIDENTIAL INFORMATION INTENDED ONLY FOR THE USE OF THE CUSTOMERS OF GLOBAL SYSTEM SERVICES CORPORATION (GSS). IF THE READER OF THIS MESSAGE IS NOT A GSS CUSTOMER, YOU ARE HEREBY NOTIFIED THAT ANY DISSEMINATION, DISTRIBUTION OR COPY OF THIS INFORMATION IS STRICTLY PROHIBITED.

IF THE READER OF THIS MESSAGE IS A GSS CUSTOMER, PLEASE BE ADVISED THAT NO PART OF THE INFORMATION CONTAINED HEREIN MAY BE REPRODUCED IN ANY FORM BY ANY ELECTRONIC OR MECHANICAL MEANS, INCLUDING PHOTOCOPYING, RECORDING, OR INFORMATION STORAGE AND RETRIEVAL, WITHOUT THE WRITTEN PERMISSION OF GSS.

Unknown Risks

For most organizations, the e-mail system is the backbone of business communications and is integral to all aspects of business operations. As a result, confidential information is routinely communicated and disseminated through the e-mail system. Users with access to privileged and confidential information also have access to e-mail. For these reasons, security risks are endemic to any e-mail system and the cost of security exposures can be extremely high.

A security risk is anything that can result in unauthorized access, alteration or destruction of data through the unauthorized activities or errors of users or administrators within an organization, or through eavesdropping, unauthorized use, or malicious hacking from without.

Lotus cc:Mail is arguably the most secure LAN-based messaging system on the market today. However, most cc:Mail customers are lulled into a false sense of security because they believe that the security of cc:Mail at its end-points and in its message transfer agents (MTAs) means end-to-end security. In fact, there are many categories of security risk that are not accounted for by the design of any cc:Mail software component. As a result, careful attention must be given to systemic security risks.

Most customers think that cc:Mail’s built-in security is ‘good enough’, but in most cases this is only true because significant security exposures have never been exploited or have simply gone unnoticed. In other words, most cc:Mail systems contain multiple security exposures. They are accidents waiting to happen.

In order to help you accurately identify and effectively manage security risks in your cc:Mail environment, GSS has created the cc:Mail Security Audit Service. This service will identify the risks in your system and provide solutions. There is no cc:Mail system that cannot benefit from this service.

System Risks and Vulnerabilities

cc:Mail security is robust compared to any other LAN-based messaging system at the user, server, and communications levels. cc:Mail security consists mainly of user passwords at workstations, encrypted message and directory stores at the server, and encrypted communications within the system. Although the end-points are covered in terms of the design of each software component, a typical cc:Mail system contains many systemic security exposures.

  • In any cc:Mail system, the user workstation and the message store are not the true end-points of the system.
  • Often the system extends to external cc:Mail systems, such as those of clients or vendors.
  • Most cc:Mail systems are linked to one or more foreign mail systems, such as the Internet, that may not be secure.
  • A cc:Mail system extends across post offices not only through message routing but also through the exchange of directory and bulletin board information.
  • Improper implementation of the built-in security features of cc:Mail, such as minimum password lengths and expirations, can render them ineffective.
  • All cc:Mail systems are only as secure as the information used for their configuration and management.
  • Automated processes, such as maintenance batch files, added to a cc:Mail system may contain confidential information or create other security risks.
  • The cc:Mail system introduces substantial new security risks to the LAN environment.
  • Every LAN environment contains significant security risks to the cc:Mail system.

Each of the factors above introduces a category of security risk not accounted for by the design of any software component that makes up a cc:Mail system.

Internal Versus External Risks

The systemic security exposures in cc:Mail can be divided into internal and external risks. Internal risks are risks that exist within a given system. External risks occur whenever a cc:Mail system is connected to external systems. These risks can also originate within a given system, or they can involve connected cc:Mail systems, or foreign mail systems.

Relying on the Honor System

Although cc:Mail provides mechanisms to protect the system against many internal risks, these provisions are strictly for the purpose of preventing unauthorized access to administrative functions and message data. To put things in perspective, in most systems, users have the ability to destroy directory information and message data unless specifically prevented from doing so through mechanisms outside the cc:Mail system. At the same time, users regularly have access to addresses and mailing lists that they may not be authorized to use. In other words, the built-in security of cc:Mail is partly the honor system. In effect, users agree not to destroy data or to use addresses and mailing lists that they are not authorized to use.

External Risks

External risks can be further divided into three categories: (1) risks within a system; (2) risks involving connected cc:Mail systems; and (3) risks involving the exchange of mail with foreign mail systems. In any externally-connected cc:Mail system there is a risk that confidential data may be compromised, in the form of text messages or messages containing file attachments, when these materials are sent outside the system by users, whether deliberately or by mistake. Due to the lack of security features in the cc:Mail directory, any user can accidentally send confidential information outside the organization. A significant risk in any externally-connected cc:Mail system is the exposure of user workstations to computer viruses originating outside the system.

The internal security risks associated with unauthorized use of addresses and mailing lists are increased by an order of magnitude when an external cc:Mail system is connected. At the same time, new categories of risk are created, ranging from vulnerabilities related to ADE configuration to the risks of malicious mail misappropriation and unauthorized message routing through the system by outside entities.

External risks involving foreign mail systems consist mainly of less secure or unsecured communications with these systems. However, an often-overlooked weakness is the security of e-mail gateways connected to a cc:Mail system. In many cases, gateway machines store message and address data in unencrypted files on a local hard drive or in queue directories on a LAN file server. Access to these files, including the ability to undelete these files after messages have been sent by the gateway, must be controlled by mechanisms outside the cc:Mail system.

Approaching Risk Management

All of the risks discussed in this document can be managed effectively when appropriate measures are taken. GSS provides the solution. The GSS cc:Mail Security Audit Service includes:

  • Consultation and assessment of security requirements
  • cc:Mail system design review from a security perspective
  • On-site check of servers, Routers, and e-mail gateways
  • A detailed report of specific security risks in your system
  • Specific recommendations that will minimize or eliminate risks

The GSS cc:Mail Security Audit Service provides you with solutions that will minimize or eliminate security risks in your cc:Mail system. Don’t let your system be an accident waiting to happen.

Experience Superior Value

With GSS, customers always know what they will receive, how much they should invest, and how long it will take to achieve their goals. Let GSS help you migrate quickly and smoothly to a secure e-mail infrastructure. Over the years GSS has proven its value by helping customers successfully meet the most demanding IT challenges. GSS has relationships with major vendors that involve training and certification of GSS staff, but the certification that GSS points out most frequently is customer loyalty. GSS is successful because GSS customers are successful.

About GSS

Global System Services Corporation (GSS) is the leading provider of consulting and professional services for large-scale and distributed infrastructure systems such as email and messaging, directory services, groupware, and wireless solutions. GSS customers include Fortune 500 companies, large service providers and telecom companies, government agencies, major messaging product vendors, and innovative technology startups.

GSS provides a complementary suite of services including strategic technology consultation and competitive vendor and product analysis; product and system architecture and design; system development, deployment, customization, and testing; technical support; email migration; and other IT services. GSS has been directly responsible for some of the largest global systems and solutions and counts as customers many of the largest companies in the world.

From its offices in Silicon Valley, California, GSS delivers services and solutions to customers worldwide through a network of mobile consultants and qualified GSS Affiliates. With industry-certified professionals on staff, GSS is a Qualified Lotus Business Partner, a Certified Microsoft Solution Provider (MCSP), a Principal Partner in the Sun Partner Advantage program and a member of the Sun Software Partner Council, as well as a member of key industry organizations.



Contact GSS

Global System Services Corporation (GSS)
650 Castro Street, Suite 120-268
Mountain View, CA 94041, U.S.A.
1 (650) 965-8669 phone
1 (650) 965-8679 fax
http://www.gssnet.com
info@gssnet.com


   

 


©1995-2005 by Global System Services Corporation (GSS). Portions of this material are copyright ©1995-1999 by Ron Herardian