April 24, 2013

Security features in Outlook 2010

Outlook 2010 provides several features for ensuring the security of your data, messages, and identity. This is a brief overview of security features in Outlook 2010 to give you a basic understanding of the issues involved.

Protection Against Web Bugs

Many spammers (people who send unsolicited email) use web beacons to validate email addresses .The spammers send HTML-based email messages that contain links to external content on a website (the web bug), and when the recipient’s email client displays the remote content, the site validates the email address .The spammer then knows that the address is a valid one and continues to send messages to it.

Outlook 2010 blocks web beacons, displaying a red X instead of the external image .You can view blocked content selectively, on a per-message basis, or you can configure Outlook 2010 to view all content but control access to HTML content in other ways .You can also turn off web beacon blocking, if you want, and control external HTML content in other ways.

Attachment and Virus Security

Now!! You probably are aware that a virus is malicious code that infects your system and typically causes some type of damage .The action caused by a virus can be as innocuous as displaying a message or as damaging as deleting data from your hard disk .One especially insidious form of virus, called a worm, spreads itself automatically, often by mailing itself to every contact in the infected system’s address book .Because of the potential damage that can be caused by viruses and worms, it is critically important to guard against malicious code entering your system .

There are multiple possible points of defence against viruses and worms .For example, you might deploy perimeter protection in the form of one or more firewalls that scan traffic coming into your network and leaving it .Also you might have virus protection at the server level .You probably have a local antivirus client that checks the files on your computer and potentially also checks attachments that come into your Inbox . All of these are important options for protecting your network and your computer from infection .
An additional security feature that is new in Office 2010 is Protected View .When you open an attachment that is an Office file type (a Microsoft Word document, a Microsoft Excel spreadsheet, etc), the document opens in a separate sandbox instance of the application . For example, assume that you have Word open and are working on a document that you created .Then, you switch over to Outlook and open a Word document that arrived as an attachment to an email .Word opens a separate version to display that attachment, but this sandbox version of Word operates with greater restrictions and fewer rights and privileges than the version that you are using to modify your own document .You can’t save the file or edit it while it is running in this version, so the application displays a banner across the top labelled Protected View , and provides a button labelled Enable Editing that, when clicked, enables you to edit the document, save it, and so on
The combination of attachment blocking and Protected View will protect your computer from a wide variety of potential threats, but that combination can’t protect against all threats .For that reason, you should ensure that you have an updated antivirus client running on your computer as well as at your mail server .Adding protection at the perimeter of the network is a good idea as well .

Digital Signatures

Outlook 2010 allows you to add a certificate-based digital signature to a message to validate your identity to the message recipient .Because the signature is derived from a certificate that is issued to you and that you share with the recipient, the recipient can be guaranteed that the message originated with you, rather than with someone trying to impersonate your identity .

In addition to signing your outgoing messages, you can use secure message receipts that notify you that your message has been verified by the recipient’s system .The lack of a return receipt indicates that the recipient’s system did not validate your identity .In such a case, you can contact the recipient to make sure that he or she has a copy of your digital signature .

Message Encryption

Where the possibility of interception exists (whether someone intercepts your message before it reaches the intended recipient or someone else at the recipient’s end tries to read the message), Outlook 2010 message encryption can help you keep prying eyes away from sensitive messages .This feature also relies on your digital signature to encrypt the message and to allow the recipient to decrypt and read the message .Someone who receives the message without first having the appropriate encryption key from your certificate installed on his or her system sees a garbled message .

Message: Although you can configure Outlook 2010 to send a digital signature to a recipient, there is no guarantee that the recipient will add the digital signature to his or her contacts list. Until the recipient adds the signature, digitally signed messages are not validated, and the recipient cannot read encrypted messages from you.

No comments: