From a cybersecurity point of view the use of a private electronic mail (email) server must be justified by promoting the security of the email communications. The great value of email is that it permits exchanging messages between almost any two parties without much more preparation than the exchange of the email addresses of the communicating parties. But Goodrich and Tamassia (2011, pp.500-501) explain that fundamental email protocols do not address authentication, integrity or confidentiality issues of secure communications. Sending email uses the Simple Mail Transfer Protocol (SMTP) which is a text based application layer protocol that can be easily monitored, intercepted and even manipulated by unauthorized agents en route.
Whether or …show more content…
These messages remain behind the corporate firewall, possibly never leaving the email server, where they are better protected from packet sniffing by external agents. Protecting email from packet sniffing by internal agents can be achieved by standard methods applicable to all network traffic. Guarding against ARP spoofing by checking for duplicate MAC addresses and by using static ARP tables, or software solutions such as Xarp and Arpwatch (Goodrich and Tamassia. 2011, pp. 234-235). Dividing the organization 's network into sub-networks by user group function and using Ethernet switches rather than hubs to reduce the amount of different network traffic that is available at each network interface and thus vulnerable to sniffing (Goodrich and Tamassia. 2011, pp. …show more content…
Because both the sending and receiving email servers are under the control of the organization, it can use S/MIME to digitally sign email messages. This authenticates the sender to the receiver and validates the integrity of the message, that it has not been modified in transit (Goodrich and Tamassia. 2011, p. 504). Furthermore, the organization can link their internal access control system to the email server 's list of users to facilitate provisioning email addresses to their employees and decommissioning those addresses when the employee leaves the organization, further authenticating the sender and receiver of emails to each
Whether or …show more content…
These messages remain behind the corporate firewall, possibly never leaving the email server, where they are better protected from packet sniffing by external agents. Protecting email from packet sniffing by internal agents can be achieved by standard methods applicable to all network traffic. Guarding against ARP spoofing by checking for duplicate MAC addresses and by using static ARP tables, or software solutions such as Xarp and Arpwatch (Goodrich and Tamassia. 2011, pp. 234-235). Dividing the organization 's network into sub-networks by user group function and using Ethernet switches rather than hubs to reduce the amount of different network traffic that is available at each network interface and thus vulnerable to sniffing (Goodrich and Tamassia. 2011, pp. …show more content…
Because both the sending and receiving email servers are under the control of the organization, it can use S/MIME to digitally sign email messages. This authenticates the sender to the receiver and validates the integrity of the message, that it has not been modified in transit (Goodrich and Tamassia. 2011, p. 504). Furthermore, the organization can link their internal access control system to the email server 's list of users to facilitate provisioning email addresses to their employees and decommissioning those addresses when the employee leaves the organization, further authenticating the sender and receiver of emails to each