Looking back at the year so far, what developments in the emerging Linux messaging market have surprised you?
My theory that Linux would become a growing and significant part of the market has proven much faster than expected. The other pleasant surprise is that the demand for Linux messaging tends to be broad-based and not for certain industries or for certain types of companies. We have found that small, medium and large companies are adopting. Geographies are very broadly spread. So are sectors, such as commercial, public, education and vertical industries. Are corporate IT decision makers showing more interest in Linux messaging?
A recent study revealed that 55% of the companies would seriously consider changing their mail platform if they could ensure continuity of service and functionality. This means that there are people looking, but they aren't aware that there are actually alternatives.. So, we're doing a lot of education around what is possible with mail on Linux.What bleeding edge technologies in communications should IT shops keep an eye on?
Real-time collaboration and the Holy Grail of voice and data coming together. This is something that the world wants, but it is still on the bleeding edge. Also, IM [instant messaging] communication is still in its infancy, and, over the next few years, I really see that taking off. What developments in e-mail and messaging security should IT admins be aware of?
The recent developments in authentication standards will move the industry forward and are a significant step. The shift is going to quickly return to the mail infrastructure security and going beyond your antispam, antivirus software. What will better authentication methods mean to admins trying to protect their networks?
It goes back to the old saying that the great thing about the Internet is that no one knows if you are a dog or a human. The anonymity that people have when they are on the Internet is great. But that is what has allowed spam to mushroom.
If you have an infrastructure that identifies machines and users and can authenticate them, then you start to chip away at the problem. It's like immunization, a proactive approach. If you are not authorized to get in, you can't get in. Today, we chase the bad guys in a reactive fashion. If you figure out how to stop them at one pass, then they outsmart you at another pass, and you have to chase them again. What new types of messaging security threats are the most dangerous today?
By far the biggest threat today is phishing and identity theft. E-mail has been used as a medium for that. Phishing is frightening because it is very hard to detect. I could send you a phishing e-mail, and it would be very hard for you to tell that it wasn't an authentic mail.
This is what happened with Citigroup. Say you are a Citigroup customer, and you get an e-mail from Citigroup saying, 'We are updating our records.' You'd click on this link, and it will take you to the actual Citigroup Web site, the legitimate Web site. But there is a pop-up that goes in front of the Web site that asks you to enter your information. It's not the Citigroup pop-up, and there is no way to tell that it isn't Citigroup asking for your information. Then that information goes off to a Web site in Russia, and your identity has been stolen. What can IT admins do right now to deal with this kind of issue?
Security is evolving to a point where a security checkpoint will occur everywhere on the network, not just at the perimeter, application and desktop level but at all levels. Think of security as a fabric, and of that infrastructure as a long-term strategy.
Finally, they should know that better security is one of the advantages of running mail on Linux. Patches and fixes happen in real time because of the open source development community. It doesn't take hours or days, or weeks or months, as it does when users are waiting for a commercial vendor to issue a patch.