MS Exchange Security Assessments

An organization's mail server is a critical business application and is often overlooked when designing security programs. But how long can a business function without Email? How much critical or embarrassing organization data is being stored and passed by employees via Email? In 2014, the Sony Corporation lost use of their Email server access for over a week and had some executive level data exposed during an attack and lead to an embarrassing situation.

Microsoft Exchange is by far the most dominant corporate mail server and is often excluded from security testing due to its criticality. Network administrators sometimes exempt Exchange servers from routine patching services due to fear of crashing the core server.

Exchange is often exposed to the Web as an open Internet service and is vulnerable to scanning and exploitation, yet Exchange' s host server security is often ignored with weak passwords and no end point protection. Our security consultants can assess and advise you on your Email server security to bring it into align with your organization's security profile. SD will look at items such as spam and malware management, server configuration and maintenance, DLP settings, AD synchronization, encryption and secure message delivery.

case studies

 
big problem:
A not-for-profit client out of 401(k) compliance.
big thinking:
Allowing more contributions by highly paid employees.
 
big problem:
Hackers attempting a six-figure wire transfer.
big thinking:
Rapid action spearheaded active containment and response.

our thoughts on

Artificial Intelligence in Higher Education

Before you finish typing a key word in the search bar, it may appear as if your thoughts have been predicted. Artificial intelligence (AI) and machine

read more >

Why Higher Education Institutions Must Comply with GDPR

The EU General Data Protection Regulation (GDPR) has been in effect for 10 months. One sector that has been affected by the newly enforced regulation,

read more >

The Dichotomy of Cybersecurity in Higher Education

Cybersecurity in the higher education (Higher Ed) realm faces many challenges. Unlike corporate entities, there may be many groups outside of central IT

read more >

Minimizing Higher Ed Risks - Utilizing Internal Audit and Data Analytics

We’ve all seen various colleges and universities in the news lately, and the news was not always positive. Higher education institutions face a varied

read more >

Enterprise Risk Management in Higher Education, and How Internal Audit Can Help

Recent history indicates that the pace of change in Higher Education is unprecedented; however, institutions are only seeing a modest increase in the use

read more >

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us

contact us

Map of Pittsburgh Office
Pittsburgh

One PPG Place, Suite 1700
Pittsburgh, PA 15222

contactsd@schneiderdowns.com
p:412.261.3644     f:412.261.4876

Map of Columbus Office
Columbus

65 East State Street, Suite 2000
Columbus, OH 43215

contactsd@schneiderdowns.com
p:614.621.4060     f:614.621.4062