Best IT Blog

Sample Excel – Exchange Upgrade Project Plan

Comments Off on Sample Excel – Exchange Upgrade Project Plan

Email Management Considerations

Posted in eMail (66) by Guest on the October 13th, 2014


Email has become a vital piece of corporate infrastructure although it often receives less attention than systems running other core business functions. Recent virus attacks have highlighted how reliant companies are on their email service.

Email is particularly vulnerable to any IT infrastructure failures in addition to specific challenges such as spam, virus attack and other security issues. As a key component for both external and internal communications, any service issues affecting email immediately impacts on a company’s ability to function.

Email volumes will continue to grow exponentially, spam will become an increasingly large issue and virus writers will become more cunning. This means that in order to continue to provide a high level of email service, the corporate IT department is going to have to allocate more and more specialist resources to running its email system. And this is at a time when the pressures of the economy are such that many businesses need to focus more on their core areas of expertise and competence.

This dilemma can be addressed by utilizing on an outside supplier to provide and manage email services. However, the challenge for companies will be to manage the balance between their internal resources and the services they have outsourced. This re-emphasizes the need to find reliable partners with the necessary expertise and who will deliver agreed service levels.

What is clear is that corporate email systems need specialist skills and are going to require more, not less resources as the reliance on email continues to grow.

Considerations for Email Management

In-house Managed Email Managed Email Service. Pros and cons of running an email system in-house vs. using an external managed service provider.


 Control over tools, content and updates

 Prioritize based on business drivers

 Grow internal skill and knowledge

 Easier integration with other systems


 Access to specialized skills

 More reliable and flexible service

 Predictable lower costs

 Focus on core business


 Finite resources with email skills

 No penalty based SLA

 Downtime caused through lack of focus

 Constant re-training needed to stay current

 Threat to knowledge base from staff turnover


 Negative perceptions within IT department

 Administrative overhead of communication

 Loss of in-house competence


Key Issues Relating to Email Management

Control of Viruses

Of all the issues relating to running an email system, dealing with the threat of virus attack is very high up on every organization’s priority list. We find that there is almost universal adoption of some sort of anti-virus process or product within the business community. The impact of virus attack on a company can be disastrous. Firstly there is the disruption to ongoing business while the impact of the virus attack is dealt with (user downtime, cleaning user PCs and so on), then there is the impact on business partners to whom the virus may have passed. This has in the past been measured in terms of minor embarrassment ranging to major lost contracts and long-term damage to a company brand. The commercial estimates relating to the damage done by viruses vary greatly. However all agree that virus damage and the ensuing clean up is costing British businesses billions of pounds each year.

All agree that protecting an organization against becoming the victim of a virus attack and in turn preventing the organization from propagating the virus attack is now a business critical function. Viruses are mainly distributed through email. Some are attachments to emails; others are included in the body of the email itself. Additionally viruses can be passed by accessing or downloading from websites, but this method is a relatively minor consideration compared to email transmission.

The solutions that organizations have implemented fall broadly into the following categories:

Total Outsourcing

By having an external organization take on responsibility for scanning all inbound and outbound email, a company is able to be comfortable in the knowledge that a professional is acting on their behalf. A specialist organization is working round the clock to ensure that viruses are kept at bay. Companies that have subscribed to this approach report an excellent level of service, with near 100% protection from viruses. However this does come with two downsides. Firstly, the cost of this service – typically around $1 per user per month. Secondly, the incidence of “false positives” – a false positive is where an email is wrongly diagnosed as having a virus attached or embedded. This becomes a problem if the email in question is of a critical nature and the process for dealing with the “false positive” results in a lengthy delay in delivering the message to the recipient.

A final consideration in this approach is that it does not prevent a virus from propagating around an organization should it manage to penetrate the outer defenses. It is this consideration that leads many companies to continue to run anti-virus protection on individual PCs and servers even though they are paying another organization to protect them.

In summary, this approach is well received by those using it. It is very effective at preventing viruses from penetrating into an organization but does not provide any protection should a virus be introduced by other means such as a user’s private webmail account. This therefore cannot be regarded as the complete solution for protecting a company from virus attack.


Excellent at trapping viruses, uses multiple different engines – constantly updated against the latest viruses and provided as a managed service so no dependency on company IT staff.


Does not protect against a virus propagating around a company once penetrated. In-house Server Based Virus Protection

This is by far the most common approach to protecting companies against virus attack. The anti-virus software is installed on all email servers and scans the emails passing through the server, quarantining any that it identifies as containing a virus.

As this approach is in-house, its success depends on the vigilance, capability and availability of the company’s IT department staff. Applying latest updates against new viruses is an hourly function and although automated, requires checking regularly. Server based virus prevention is also limited to one product (running multiple anti-virus products on the same server can make them both identify each other as a virus, due to the way they function!), which leads to a selection process where technical requirements may lose out to commercial considerations. Furthermore, different anti-virus vendors may be more successful than others in combating different viruses, so having more than one product running would provide enhanced protection.


Prevents spread of viruses within an organization as well as providing protection from inbound and outbound viruses.

Cons: Limited to one vendor’s approach. Reliant on the IT department to monitor, manage and apply updates constantly. Adds overhead to IT staff in dealing with quarantined messages. This approach allows viruses to penetrate a company’s network before being trapped. Increasingly complex viruses may exploit this vulnerability.

Client PC Based Protection

Client based virus protection is generally regarded as an adjunct to another approach or for mobile workers.


Protects the client PC.


Dependant on the user to setup and manage updates.

Only protects the client PC.

Does not protect servers or other network infrastructure.



Protecting an organization from the threat of viruses is paramount. Email communication is now business critical in most companies and being without it for any length of time starts to cost the company competitiveness, money and employee productivity. The business case for providing virus protection does not need proving. However, the level of protection that a company deems cost effective needs reviewing.

Whilst the majority of organizations are using server based virus protection, their reliance on one vendor and busy internal IT staff to run the service offers opportunities for breach by new viruses and the potential that new types of virus can do damage prior to being identified by the email server.

An approach that hands primary protection to a specialist who will trap and remove viruses prior to them ever arriving at your network is definitely the way of the future. Such an organization will be acting for many companies and so will have specialist knowledge that it is impossible to justify developing within a company’s IT department. However, reliance on a third party provider has limitations around preventing the internal spread of a virus that is introduced through other means (infected CD-ROM, Internet download, etc), so retaining server and client PC based virus protection is also recommended as a backup measure.


Comments Off on Email Management Considerations

Sample – Simple Electronic Mail Policy

Posted in eMail (66),Policies - Standards (600) by Guest on the January 22nd, 2014

User Responsibilities

These guidelines are intended to help you make the best use of the electronic mail facilities at your disposal. You should understand the following.

1) The Company provides electronic mail to staff to enable them to communicate effectively and efficiently with other members of staff, other companies and partner organisations.

When using the Company’s electronic mail facilities you should comply with the following guidelines. 


1) Do check your electronic mail daily to see if you have any messages.

2) Do include a meaningful subject line in your message.

3) Do check the address line before sending a message and check you are sending it to the right person.

4) Do delete electronic mail messages when they are no longer required.

5) Do respect the legal protections to data and software provided by copyright and licenses.

6) Do take care not to express views which could be regarded as defamatory or libellous.  


1) Do not print electronic mail messages unless absolutely necessary.

2) Do not expect an immediate reply, the recipient might not be at their computer or could be too busy to reply straight away.

3) Do not forward electronic mail messages sent to you personally to others, particularly newsgroups or mailing lists, without the permission of the originator.

4) Do not use electronic mail for personal reasons.

5) Do not send excessively large electronic mail messages or attachments.

6) Do not send unnecessary messages such as festive greetings or other non-work items by electronic mail, particularly to several people.

7) Do not participate in chain or pyramid messages or similar schemes.

8) Do not represent yourself as another person.

9) Do not use electronic mail to send or forward material that could be construed as confidential, political, obscene, threatening, offensive or libellous.  

Please note the following

All electronic mail activity is monitored and logged.

All electronic mail coming into or leaving the Company is scanned for viruses.

All the content of electronic mail is scanned for offensive material. 

If you are in any doubt about an issue affecting the use of electronic mail you should consult the I.T. Services Manager. 

Any breach of the Company’s Electronic Mail Policy may lead to disciplinary action.


Comments Off on Sample – Simple Electronic Mail Policy

Sample – Grouped URL / Email Filtering Products

Posted in Compliances (1300),eMail (66),Security (1500) by Guest on the March 28th, 2013

Grouped URL / Email Filtering Products

URL / Email Filtering Products

Symantec / BrightMail
Barracuda Networks


Comments Off on Sample – Grouped URL / Email Filtering Products

Sample – Grouped Email Malware Products

Posted in Compliances (1300),eMail (66),Security (1500) by Guest on the March 27th, 2013

Grouped Email Malware Products 


Trend Micro
Pelican Sec


Comments Off on Sample – Grouped Email Malware Products

Sample eMail Disclaimers

Posted in Compliances (1300),eMail (66),Security (1500) by Guest on the December 1st, 2012


Notice: The information contained in this email and in any attachments is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material.  If you have received this email in error, please notify us immediately by replying to the message and delete the email from your computer. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited.  The recipient should check this email and any attachments for the presence of viruses.  Sender accepts no liability for any damages caused by any virus transmitted by this email.  Please note that this e-mail is and any response to it will be unencrypted and, therefore, potentially insecure. 

CONFIDENTIAL INFORMATION: The information contained in this email message is confidential, and is intended only for the use of the individuals or entity named above who have been specifically authorized to receive it. If the receiver is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication or its attachments (if any) is strictly prohibited. If you have received this communication in error, please notify me immediately. Any personal comments made do not reflect the views of “Your Corp”. 

IMPORTANT! Any attachments that may contain confidential information. If you receive this information by email or in soft copy, please delete the email and its attachments immediately after review and use. All hard copy documents which contain such confidential information must be shredded immediately after review and use. Failure to properly dispose the information as requested could result in noncompliance with federal law.


Another Sample


All information transmitted hereby is intended only for the use of the addressee(s) named above and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution of confidential and privileged information is prohibited. If the reader of this message is not the intended recipient(s) or the employee or agent responsible for delivering the message to the intended recipient(s), you may not distribute or copy the confidential and privileged portion of this communication to another. Anyone who receives confidential and privileged information in error should notify us immediately by telephone and mail the original message to us at the above address and destroy all copies. To the extent any portion of this communication contains public information, no such restrictions apply to that information.

Another example

This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken in reliance on this e-mail is strictly prohibited and may be unlawful.


Comments Off on Sample eMail Disclaimers
Next Page »