Internet and Email Access

Simple, secure, effective, and inexpensive workgroup connections to the Internet.

Dialup access to the Internet Service Provider (ISP) for workgroups, small businesses and power users may be the best way to go with the help of new proxy router software.

Current implementations connecting workgroups to Internet access require the permanent assignment of a pool of Internet addresses that are installed in the public Internet router tables. Each of these assigned addresses can be accessed by anyone on the public Internet.

 Usually the access lines are connected to a local router that is also directly connected to the Local Area Network (LAN). This exposes the entire internal workgroup network to Internet based attacks.

One way to avoid this security exposure is to use Single User Accounts (SUAs) to make connections with the ISP that are physically and logically separate from the internal LAN connections. SUAs are used for ordinary dialup connections and do not require a permanent allocation of Internet addresses. Instead, a temporary address is assigned dynamically every time a call is connected.

 New enabling SuPR software extends this capability for workgroups where SUA connections can be shared between multiple users connected to a LAN. And, SuPR software can dynamically route browser file retrieval over multiple SUA connections to provide faster Internet access for a single user. This is why SuPR is called a Proxy Router.

"You've Got Mail!"

You do not have the right to remain silent. Anything you write can be used against you in a court of law.

In February, I watched Microsoft executives face the most challenging evidence in the Department of Justice (DOJ) trial--their own email. Imagine looking at email you had written years ago flashed up on a big screen and having the prosecutor say, "Now explain exactly what you meant by 'We will crush Netscape.'" Microsoft executives became afraid to speak for fear of having more of their words used against them.
I actually felt sorry for Microsoft. I'm not talking about the issues in the trial, but the way the DOJ is using someone's personal email as evidence against that person. I imagined getting a subpoena from a competitor alleging unfair practices. I further imagined the DOJ asking me for every email message related to the case for the past 5 years. And if I couldn't produce enough email to satisfy the discovery process, could the court request the backup tapes from my IS department? The thought of a prosecutor reading all of my email, line by line, is horrific. The same court that would never ask you for a tape of every phone conversation related to a case will routinely ask for every email message you've ever sent on the subject.
I'll bet Bill Gates and Jim Allchin are thinking, "I never want to go through this again." I'll bet Microsoft executives are discussing email retention policies, email encryption, email filters, alternate email IDs, and other ways to keep the courts from using their messages against them. I've heard of one Microsoft email policy that includes Cc'ing a Microsoft attorney on email messages and invoking the attorney-client privilege. These email messages are then exempt from the court's prying eye. Unfortunately, you can't blind Cc your lawyer, and you can only Cc messages where you have actively engaged a lawyer for a specific issue. And this action is not retroactive to the thousands of messages you've already sent. What does email privacy mean to you? As an IS professional with the job of managing your corporate email, you must provide security, backup, and recovery for this mission-critical application. You might be the person the court asks to hand over email messages or backup tapes because someone is suing your organization. How you handle this situation can affect your organization's future. Recently, an organization went through this process and told the court that it didn't have any backup of email beyond 30 days. Management personnel said their policy was to delete these records for privacy reasons. The court was upset and demanded that the company keep permanent email backups. This type of requirement has led Microsoft to add message journaling with Service Pack 1 (SP1) of Exchange Server 5.5. Message journaling keeps a separate database containing every message that Exchange Server sends or receives. Microsoft's internal message journal increases by 3 million records per day!
What about encryption? With Exchange Server, you can use S/MIME to encrypt messages that your server stores. However, after recipients open their email, they often store the messages unencrypted in their Saved Messages folder. Backups of yesterday's files can contain saved messages that date back years. Even with encryption, the court likely will require you to supply the private key upon request. Perhaps the courts will treat losing a private key the same as shredding evidence. You can expect the courts to require you to manage encryption keys and hold a set of private keys in an escrow account for potential legal reasons. You can manage encryption keys with Exchange Server using Microsoft Certificate Server and certificate trust lists.
Has empathy for Microsoft made me a little paranoid? Perhaps, but I wonder if any boundaries remain in the legal discovery process? Unfortunately, ignorance is not bliss. In the event that you don't have an email policy in place at your organization, the court will assign you one--and it won't be in your best interest.

by Mark Smith, Editorial Director of Windows NT Magazine, provides insights and analysis on today's hot NT trends. http://www.winntmag.com/update

 One way to avoid this exposure is to use Single User Accounts (SUAs) maintained by an independent Internet Service Provider (ISP). Let the ISP handle all the Email as a matter of corporate policy to save money and outsource administrative functions.

 

 To realize these benefits, install SrDA POP data modems and SuPR software with Microsoft Corporation Windows NT Server 4.0 or NT 4.0 Workstation software. One ISA bus slot can support 4 or 8 built in 56Kbps data modems. Real time online monitors provide important operational information on the status of each modem and each connection to the Internet. Order a few telephone lines and simply plug them into a modular jack socket.

 There is no requirement for external routers, firewall software, dedicated leased line telecommunication circuits, data communication specialists and backup circuits. This can result in some big savings.

 In addition, dialup lines can be bundled together into a single link using MultiLink PPP that can be shared with multiple users.

 Simple, powerful and easy to use. SUAs also allow the ISP to maintain the EMAIL for everyone so that's one more headache you can dispense with.

Back to Front Page