Exchange Security Risk Auditor
February 01, 2003
C2C Systems, Inc.
Price on application
- Ease of Use:
- Value for Money:
- Overall Rating:
Plugs a loophole which many administrators are unaware of.
A niche product, but in a very important niche; it should be in every NT administrator's toolkit.
Administrators often forget that management of emails isn't simply a question of who can send or receive them, or the content. When email arrives it sits in the inbox, but who has permission to access that inbox, or other folders for that matter?
With high employee turnover becoming increasingly common, the stressed administrator may well lose track of individual permissions. For example, many companies have a set of freelance or contract email accounts that can be assigned to temporary staff. The permissions required by one contractor may be far more extensive than those required by their successor, but the successor could very well inherit those permissions on arrival. And human nature being what it is, inquiring minds will almost certainly take advantage of this, whether innocently or maliciously.
C2C Systems has been looking at all aspects of email security for 10 years, and has evolved a comprehensive email lifecycle strategy. Part of that strategy is Exchange Security Risk Auditor (ESRA), a standalone application that analyzes all folders on an Exchange server and lists all permissions.
The product is installed on a machine running Windows 2000, Exchange and Outlook. The only proviso is that the user installing ESRA must have permission rights up to and including those they wish to see and change. Given that the most valuable - and potentially dangerous - permissions are the most high-level, this requires that employee to be an extremely trusted member of the company.
Configuration is just as easy. Starting with the question "who has rights over my mailbox?", the product orientates itself and is then ready to analyze the permissions of other users and groups in the network. It also works the other way, and will tell you which users have which permissions.
ESRA looks for three types of permission: Exchange, NT, and Send on Behalf of (delegate). Once it has detected either users or permissions, it asks you whether you want to change them, and what to change them to (not NT rights, however). Assuming you do have the necessary authority, tell it and run the application; it really is as simple as that.
Although this is a specialized product, it does address a potentially disastrous loophole. It is extremely simple to use, and provides a complete audit which is useful not just from a technical point of view, but also from a legal one if disaster has already struck.