Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Executive - Noob about security with email

Status
Not open for further replies.
rebecia

rebecia

Technical User
Jun 14, 2006
4
CA
I am a executive and we have a inhouse IT guy(with admin rights) supporting our server 2003 and email exchange. My question is

Does the IT guy have access to read my emails from the server?

If so what can be done to encrypt certain mailboxes?
 
Sort by date Sort by votes
1) I'm unclear whether your Exchange server is Exchange 5.5 or Exchange 2003.

2) Yes, an email admin has *potential* to access any mailbox on the server, regardless of the version of Exchange.

3) I'm not sure how encrypting the mailboxes would help - presumably the person who implemented the encryption would be your email admin guy, thus ensuring that he had administrative access to the encryption details... so how would this stop him changing these to access the mailbo(es) still?

4) If you can't trust your admins, who can you trust? Basically, if they aren't honest and reliable and holding 100% of your trust, you have much bigger potential problems that just a few mailboxes being accessed.
 
Upvote 0 Downvote
A general rule of thumb is never send anything in e-mail that you don't want the entire world to know about.
 
Upvote 0 Downvote
Chances are he has the ability to do it. Chances are he doesn't though.

If you suspect him and he is the only guy doing IT, I'd say you need to escort him off the premises at the same time that you bring in a consultant to change all passwords and access rights. That is never a straight forward process.
 
Upvote 0 Downvote
With encryption, you don't encrypt your mailbox, you encrypt each message. Because the encryption is applied via software on your PC, it can be maintained by you with your own personal key, thus preventing anyone - including any IT personnel or anyone at your ISP - from reading your e-mail, except for those with the decryption key.
 
Upvote 0 Downvote
And who would implement, and therefore have, the encryption/decryption software and keys? The IT guy.

We have mailboxes where the contents are all encrypted. Anybody can access and decrypt as long as they have the key.
 
Upvote 0 Downvote
Depending on the workplace IT policy, that may be a requirement, sure. But if it's not, then do some reading up on the subject, find some freeware PGP e-mail software, and you can set it all up yourself with nobody else being the wiser.

BTW, I'm not sure how encrypted mail will be treated by the spam filters out there.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

T
  • Locked
  • Question
How to use third party mail security gateway to scan internal/inter-domain mails in Exchange On-Premise?
Replies
3
Views
2K
DrB0b
DrB0b
sreejay2211
  • Locked
  • Question
email issue
Replies
0
Views
2K
sreejay2211
sreejay2211
stanlyn
  • Locked
  • Question
How to do Certificates on MultiDomain Exchange with Least Cost
Replies
1
Views
2K
Wesaf
Wesaf
BroBias
  • Locked
  • Question
mailbox databases dismounting frequently without followable reason
Replies
1
Views
2K
BroBias
BroBias
IcarusHallsorts
  • Locked
  • Question
VBA to create output file of headers of selected emails
Replies
0
Views
2K
IcarusHallsorts
IcarusHallsorts

Part and Inventory Search

Sponsor

Back
Top