With a Name Like Microsoft…

By Larry Seltzer  |  Posted 2005-07-21 Print this article Print

Opinion: The company has a lot to prove after the recent adware controversy, but Microsoft is assembling a quality set of tools for security needs.

It doesnt seem right to say that the entry of Microsoft should bring respectability to an eminently respectable market like managed secure e-mail hosting, but a lot of people are arguing that Microsofts planned acquisition of FrontBridge will do just that. Ive always been a fan of the hosted mail-security model, and plenty of respectable companies use it already. Ziff-Davis, the publisher of this column, is a FrontBridge customer, and Ive been happy with the service, as I was when Ive tested it in the past. Even more than large companies, this model benefits medium-sized businesses. The e-mail needs of these business are likely to be complex, but administering the security of a complicated e-mail infrastructure is not an easy task and requires constant vigilance, making it an obvious candidate for outsourcing.
Outsourcing allows customers not only to delegate many administrative functions, but to take advantage of what is undoubtedly a more redundant and robust infrastructure than their own. Postini, the big-deal provider in this space, says it handles 3 billion messages a week for more than 30,000 businesses.
These services have distributed infrastructures that can handle, for example, a sustained power outage at one location, and if your own mail servers go down they can queue up the incoming mail until youre ready to take it. They have staff and software looking at the e-mail 24 hours a day, every day, no matter what holiday it is, anywhere in the world. They have a much larger sample of mail coming in, making it more likely that they will see and recognize new attacks as they come along. They can afford to have multiple anti-virus scanners look at the mail. They can afford to harden against directory harvest attacks. Read details here about Microsofts controversial downgrading of Claria adware. So FrontBridge and its competitors, as a class, were a good choice for business already. What does Microsoft bring to the table? Painful as it is to admit, Im sure many executives may be comfortable buying from Microsoft, since they do so much business with the company already, whereas they may never have heard of MessageLabs or Postini or FrontBridge. A related point is that the marketing power of Microsoft could make the whole notion of e-mail hosting more acceptable to business. Intuitively, it may seem that issues of legal compliance and privacy would argue against routing your mail through an outside service, but in fact it can better meet those goals. FrontBridge, for example, supports policy enforcement features that can limit unauthorized dissemination of confidential information. Services like FrontBridge force a company to take control over its e-mail infrastructure. A proper implementation will also handle all outbound mail, and this forces you to keep track of all sending points in your network. Click here to read about a new e-mail authentication specification submitted to the IETF. Therefore, a hosted service can make it easier to implement authentication standards. I dont know the attitude of all these companies towards Sender ID and Domain Keys. Postini has been lukewarm at best, and usually hostile towards them in the past. You can bet that FrontBridge will soon be waving the pom-poms for Sender ID. So it is possible that the name "Microsoft" will expand the market for secure hosted e-mail systems, and this would be good both for the market and the e-mail community at large (or the "ecosystem" as Bill Gates would put it.) I dont think the same opportunities for bad decision-making exist as in the companys anti-spyware products, although Microsoft has surprised me in the past. But the move into e-mail security looks like good news for everyone to me. Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. He can be reached at larryseltzer@ziffdavis.com. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel