You wouldn't give a stranger your bank details would you? How about your email login and password? Of course not! If you lose your laptop, USB memory stick, mobile phone or blackberry how safe would you feel? Not only the loss of your work, contacts and emails (which of course you can retrieve from your most recent backup) and the wasted time getting back up and running caused. What happens to your machine in someone elses hands? It could be a competitor,,,
In this age of increasing cybercrime. More people are online than ever before and make use of computers from everything to writing correspondence and letters, keeping a database of your contacts, managing your finances whether commercial or private - you would think that people would be more aware of computer security but it seems that there are many patches in people's knowledge.
The majority of online banks issue card readers requiring the user to have a username, a password and a device accompanied by something that only the authorised user possesses - their debit card and their pin number. An excellence way to secure online transactions - you see, an attacker may guess a username and password but they also require access to the debit card and pin making it even harder to access unauthorised information.
Google apps have also recently deployed two factor authentication. Making use of the Android, iphone or blackberry by running an app providing an up-to-the minute key required to access your online account - thus safeguarding your work even further than just a username and password.
But it's great having online security but what about all of those documents that you carry on your computer or laptop? Securing an entire drive can be done in a matter of a few hours and does not cost much at all. Also causing hardly any disruption at all you can ensure that your data is for your eyes only and no one else. The data on the physical hard drive appears in no readable form whatsoever and you just need to enter the correct password upon bootup to access the data - simple!
Why didn't I do this before? I hear you ask.
Because you probably didn't know if was possible, easy, quick, seamless and transparent. No you know that it is, contact us at www.firbanks.com NOW to secure your data.
Have you PIN protected your mobile phone? Why not? If someone else possesses your phone your text messages, contacts, emails and any other data stored on the device is immediately accessible. Set a pin, it's simple! If you're not sure how to do it then contact us and we'll show you.
Your data is safe with us. Firbanks IT employ data encryption on all of our fixed office and portable laptops. We work with many customer's data during times of data recovery and you can feel safe that any data that passes our systems is entirely secure. Our email systems support two-step authentication - ensuring that only our staff have access to their email and no one else. All portable phones are protected each with their own unique key with remote wipe functions to completely wipe and disable the device should it fall in to the wrong hands.
Our office telephony systems are fully digital ensuring complete security and prevention of eaves droppers easily being able to listen in on the conversations.
Ask us on how you can work more securely. Don't leave your data to chance.
Friday 29 October 2010
Friday 1 October 2010
Understanding SMTP and mail delivery
A couple of IT guys new to the business have recently enquired to the workings of SMTP. Below I attempt to explain the basics of how mail is delivered and accepted.
SMTP stands for 'Simple Message Transfer Protocol' and in itself is a very basic text form of message transfer. A straight forward set up would comprise of a server running mail software listening on port 25 for connections waiting for a sending mail server to connect to it. A listening mail server will be configured with a list of domain names in which it can accept email delivery. So for this example we'll use xyz.com.
When a sending server connects to the 'listener' on port 25 a few text based transactions take place. Mainly, the identity of the sending mail server - i.e. abc.com and the intended recipient of the email - for example fred@xyz.com. As long as the domain matches an approved list, the receiving server will accept delivery of the email, match the message to a user list and then either pass on the message or bounce it back to the sender (usually be making an outbound SMTP connection back to the sending server and generating a bounce message).
In order to receive an email the sending server must know how to reach it so here goes a basic explanation of DNS and MX records..
DNS servers are like an index which is searched upon to tell the requester the location of a server/service. We'll just focus on A and MX records for now.
Firstly, a server needs a name - mail.xyz.com will do for now. So, say the server listening for xyz.com's email has an internet IP address of 111.111.111.111 there would be an A record pointing to this.
It would look like
mail.xyz.com. A 111.111.111.111
It's as simple as that. But for mail transfer to work there also needs to be a 'mail exchange' record for xyz.com to explain where to send the email. We know it needs to go to mail.xyz.com so...
MX 5 mail.xyz.com.
Would be a typical entry that you would need. This tells the sending server that any mail for xyz.com is sent to mail.xyz.com which is based at the IP address of 111.111.111.111. The sending server than creates a connection on port 25 to 111.111.111.111 then transacts the email across.
All in all, this is a very basic, plain email system. There are many variables and security aspects and spam implications. As you can see, an SMTP receiver by itself just 'listens' for email. A bit like a postbox is ready to receive a letter from ANY sender. Without more advanced configuration a high risk of spam and the possibility of configuring an open relay is always a risk. We'll explain this in more detail soon.
SMTP stands for 'Simple Message Transfer Protocol' and in itself is a very basic text form of message transfer. A straight forward set up would comprise of a server running mail software listening on port 25 for connections waiting for a sending mail server to connect to it. A listening mail server will be configured with a list of domain names in which it can accept email delivery. So for this example we'll use xyz.com.
When a sending server connects to the 'listener' on port 25 a few text based transactions take place. Mainly, the identity of the sending mail server - i.e. abc.com and the intended recipient of the email - for example fred@xyz.com. As long as the domain matches an approved list, the receiving server will accept delivery of the email, match the message to a user list and then either pass on the message or bounce it back to the sender (usually be making an outbound SMTP connection back to the sending server and generating a bounce message).
In order to receive an email the sending server must know how to reach it so here goes a basic explanation of DNS and MX records..
DNS servers are like an index which is searched upon to tell the requester the location of a server/service. We'll just focus on A and MX records for now.
Firstly, a server needs a name - mail.xyz.com will do for now. So, say the server listening for xyz.com's email has an internet IP address of 111.111.111.111 there would be an A record pointing to this.
It would look like
mail.xyz.com. A 111.111.111.111
It's as simple as that. But for mail transfer to work there also needs to be a 'mail exchange' record for xyz.com to explain where to send the email. We know it needs to go to mail.xyz.com so...
MX 5 mail.xyz.com.
Would be a typical entry that you would need. This tells the sending server that any mail for xyz.com is sent to mail.xyz.com which is based at the IP address of 111.111.111.111. The sending server than creates a connection on port 25 to 111.111.111.111 then transacts the email across.
All in all, this is a very basic, plain email system. There are many variables and security aspects and spam implications. As you can see, an SMTP receiver by itself just 'listens' for email. A bit like a postbox is ready to receive a letter from ANY sender. Without more advanced configuration a high risk of spam and the possibility of configuring an open relay is always a risk. We'll explain this in more detail soon.
Subscribe to:
Posts (Atom)
