Identity and Access Management for IBM Lotus Domino
Today, users expect to communicate via e-mail in a safe and uncomplicated way. The requirements may differ, for example, the human resources need to protect sensitive data in their e-mails or the directors need to have the attachments encrypted. Practically, it means that the deployment of a secure messaging infrastructure might result in high costs for the administrators or too much effort for the users or e-mail recipients.
MailProtect is designed to monitor e-mail traffic within IBM Lotus Domino environments, and to enable administrators to control and take actions if required. It provides a real-time check based on so called “Mail Conditions”, which interpret one or more configured rules. Depending on the result of this check the mail will be delivered or a “Mail-Service” activates specific actions.
The dangerous practice of using no password protection for server ID in order to make the server reboot easier is hard to argue to an audit team. DominoProtect protects Server IDs with passwords and allows unattended reboots. A highly secure random password is created for the server ID. Existing passwords can be imported during the set up as well. If the server needs to be rebooted, DominoProtect provides the password automatically, and no manual action is required. If you are using ID vault, IBM strongly recommends password protection for server ID files:
„We understand that most Domino servers are not password-protected to make unattended reboots simpler, but the vault server’s ID file is a key element in the security of your ID vault. A sophisticated attacker with a vault database and one of the corresponding server Ids … would have all of the cryptographic information needed to masquerade as the vault server and decrypt all of the ID files stored in the vault.“
MailProtect decrypts incoming e-mails on the server and then forwards them to the internal recipient. Users can simply opt to encrypt outgoing e-mails. Additionally, the central condition rules can be set up to control encryption settings such as mandatory encryption if specified content is in the e-mail or the e-mail is addressed to a particular domain. This encryption process fully supports virus checking and archiving processes.
DominoProtect adds an essential extra layer of security for IBM Domino enabling prevention and tracking of unwanted changes in real time ensuring compliance with legal regulations. Additionally it lets you secure the server ID with a password and enable unattended server restarts.