Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

We run Exchange 2010. Our edge servers run \"passive opportunistic TLS\" for 99%

ID: 660156 • Letter: W

Question

We run Exchange 2010. Our edge servers run "passive opportunistic TLS" for 99% of the domains we communicate with. For a handful of domains, we have forced TLS on both our end and the other domain's end.

We're in the process of deploying a secure email gateway appliance. It will basically park your email message on the HTTPS-secured appliance and send a link to the recipient to create a username/password and log into the appliance to retrieve the message.

For outbound email, what does this give us that TLS doesn't? Am I missing something here?

Explanation / Answer

I work for a large company and hear many many many complaints about Portal Based Email (PBE). It is the cause of many issues, namely:

Logging into a portal slows down the email transaction. If you're taking in orders or need to read PII data, this extra step or steps may negatively affect productivity

Some portals require software on the PC such as Java. This means it's impossible to read email on BYOD devices like Phones, iPads, etc. A PC or Mac would be required. Not to mention the wrong version of Java, or lack of administrator rights to install it, means you can't read the email. period.

Users need to remember a new password for a portal. This password is stored on a remote system. Sometimes this password IS the person's work password. This is a security risk as it encourages the user to type in the corporate password instead of picking a new one.

The receiver may have a firewall enabled that prohibits access to non-standard HTTPS ports. A very well known vendor currently uses ports numbered above 2000 for users to HTTP/S POST to get the data.

Receiver compliance auditing is at risk. If the receiver is a broker dealer, or they are required to journal and archive plain text emails for auditing in the future, then if the recipient replies to your email via the portal, they are possibly in a compliance violation.

It bypasses SPAM and other AV controls on the receiver.

It encourages the pattern of clicking links within emails, which can be spoofed, and lead to nasty HTTP-browser based viruses if your portal renders data that could leverage that vulnerability.

Related Questions

We place a speaker near the top of a drinking glass. The speakeremits sound wave
Question #1757412
We place the values of “Period” and “Demand” as provided in excel in two adjacen
Question #373454
We plan to shoot Sheldon the circus Platyformer out of cannon to a maximum heigh
Question #2258769
We plate 0.2 ml of a cDNA library on a single plate; the library has a titer of
Question #255044
We play a game with a fair coin. The game stops when either two heads or tails a
Question #2956914
We play two similar games called Knockout and TKO. In both we start with n playe
Question #3848104
We preformed a lab to find the percent of chloride in an unknownsample. I\'m not
Question #677581
We present a case of an 11-year-old male patient oriented to our unit with anore
Question #3523385
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
We roll two fair 6-sided dice. (If a fair dice is rolled, the probability of it
Next
We run a clean ship here at St. Joseph. We do not abide by cursing. However, lat

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.