This content has been marked as final. Show 2 replies
this one looks pretty good:
there is also this on techrepublic but you'll need to login to it to see it
that is good actually.... Go Leeds Uni !
to answer the part about notifications, you may well have to apply business continuity planning that is relevant to your business.
ie, setting ePO to sound the alarm on one email that is infected, and then declaring a lockdown of the exchange server may well contain the threat, but also take out a critical section of your business.
i speak from experience when i say that this should be lead from the highest technical authority within your business, CTO/CIO if you will, and involve all the technology stakeholders, laying out "if an infection hits, and i do this, then you wont be able to do a, b, c until it is resolved"
this then prevents bun fights, when they ask you why you killed email and they have 3000 helpdesk tickets logged per hr...
but then on the other hand, if you are a business that trades on reputation ( as all businesses do to a greater or lesser extent) then a single infected email sent to a customer will leave a very bitter taste..
sorry the answer cant be more straightforward...
hope this helps a little bit?