Cloud computing is a popular topic these days.  One of the ways in which cloud computing is being delivered to businesses is by hosted email security services.

A hosted email security provider offers antivirus and antispam protection for their customers using servers hosted off the customer’s premises.  This delivery model carries many benefits to the customers.

Equipment Costs – by choosing a hosted service the customer is not required to purchase their own server hardware to run the security product on their own premises.

Support Costs – support is included in the monthly fee to the hosted provider, so the customer is not required to hire and retain staff to manage an on-premise solution.  The hosted provider is responsible for all maintenance and upgrades to keep the service running smoothly.

License Costs – because the customer is not running their own server they also save on software licensing costs.  Furthermore they are simply paying a per-user license cost to the hosted provider.

Bandwidth – because any virus or spam emails are filtered by the hosted provider that traffic never reaches the customer’s network, saving their bandwidth which is both a cost and a performance benefit. Continue reading 9 Benefits of Hosted Antispam Services»

I am currently involved in discussions with a client about the feasibility of moving their Exchange environment to a hosted email provider.  The client is considering it on the basis that it will reduce costs and improve the maintenance and health of their email platform by having it all looked after by an outsourced provider.

At face value these points may be valid (a detailed cost/benefit analysis is still ongoing) however one item that did come up in the technical analysis is the impact it would have on the choice of email security product being used.  Basically it would remove the choice entirely, as the providers being considered offer a single solution for email anti-virus and anti-spam protection.

Although most email security products have similar features, not all of them are created equal.  Features can be included or excluded from product to product, and even features that are common between products can have very different levels of quality and performance. Continue reading Do Hosted Email Providers Mean Lack of Choice?»

On Monday, users of Norton Internet Security and Norton Antivirus started seeing firewall alerts warning them that an executable named PIFTS.exe was attempting to connect to stats.norton.com. Conspiracy theories immediately started to spread like wildfire. What exactly was PIFTS? Were Symantec surreptitiously monitoring their users? Or was this something much more sinister?

The discussion raged on sites such as Slashdot and on forums across the internet. Symantec fanned the flames when they started deleting questions about PIFTS which had been posted to their web forum without explanation. What did they have to hide? To make matters worse, users searching for information on PIFTS found that they were being directed to malicious websites. Brian Krebs of the Washington Post noted:

          Some of the top searches (currently the 3rd and 4th result in a Google search) are Web sites that try to install malicious software when you visit them. Both results take you to sites that use Javascript attacks to try and foist rogue antivirus products (ah, the irony).

Symantec finally issued a statement which confirmed what had happened:

          Symantec released a diagnostic patch “PIFTS.exe” targeting Norton Internet Security and Norton Antivirus 2006 & 2007 users on March 9, 2009. This patch was released for approximately 3 hours (4:30 – 7:40 PM March 9, 2009 Pacific Time). In a case of human error, the patch was released by Symantec “unsigned”, which caused the firewall user prompt for this file to access the Internet. The firewall alert for the patch caused understandable concern for users and began to be reported back to Symantec. Releasing a patch unsigned is an extremely rare occurrence that does not pose any security issues to our users. The patch reached a limited number of Norton customers and has subsequently been pulled from further distribution. Norton users are fully protected and do not need to take any action as a result of this issue. Continue reading The PIFTS.exe Conspiracy»

Security experts say that the current financial crisis even has scammers worried. The recent rollercoaster on Wall Street has cybercriminals scrambling to find other sources of income believing their pool of targets is shrinking. Instead of going after banking information, passwords and credit card numbers, new spam campaigns are focusing on tricking people into purchasing fake antivirus programs and downloading ransomware.

Continue reading Even Scammers Are Affected By Credit Crisis»