A well-planned move to outsourced email security service should allow most organizations to reduce capital costs,...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
achieve predictable costs, as well as improve performance, reliability and security. An obvious advantage of using such a service is the convenience of having someone else manage messaging processes and infrastructure associated with message filtering, delivery and the elimination of spam-related network traffic.
Another advantage of email security outsourcing is its relatively easy implementation. Outsourcing doesn't require on-site equipment or third-party access to private servers and networks. Setup usually just involves changing a domain name system's MX (mail exchange) record to point to the service provider's mail gateway.
Such an arrangement also provides a side benefit: your email servers will be protected from denial-of-service attacks. If your mail server only picks up mail from the service provider, all DoD mail attacks will have been filtered and handled by the service provider's defense infrastructure. Also, because filtering is performed outside of your own network, it won't interfere with your perimeter defense devices. With outsourcing, it's often easy to avoid over-engineered systems. In many cases, the services can be scaled to current usage requirements.
When reviewing possible service providers, you must verify that the service level agreement (SLA) is going to deliver the security, reliability and costs that you require. A good email service provider should offer the following:
I would also look for a provider who offers outbound message cleansing and policy enforcement. Secure connections are also important so that encrypted email pathways can be set up between offices and business partners.
So, are there any downsides to outsourcing? Some organizations may feel uncomfortable losing control over some of their infrastructure. A service provider does add another hop to the email chain, and that may cause concern for some, since email is inherently insecure. My opinion is that outsourcing email is no more or less risky than using an ISP or using mail delivery services such as FedEx or UPS.
However, there are the risks that exist in any commercial relationship. How financially stable is the provider? How easy would it be to move to another provider or bring email back in-house if you weren't happy with the outsourced service? As with any outsourcing decision, you must do proper due diligence when choosing from one of the many outsourcing services. You should try to find a provider that will protect against such issues.
Dig Deeper on Email Security Guidelines, Encryption and Appliances
Related Q&A from Michael Cobb
Open source NoSQL MongoDB database faced 30,000 insecure instances. Expert Michael Cobb explains the misconfiguration that led to this, and how to ...continue reading
A new Veracode report offers details on common mobile application security risks. Expert Michael Cobb explains these flaws, and what developers can ...continue reading
Juniper firewall products were found to have two backdoor vulnerabilities. Expert Michael Cobb explains how a cryptographic algorithm and hardcoded ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.