[Nolug] Email passwords are.. special?

From: Dustin Puryear <dustin_at_puryear-it.com>
Date: Wed, 14 Feb 2007 10:12:37 -0600
Message-ID: <21184995.20070214101237@puryear-it.com>

So, there is always this conflict over whether accounts for email
(POP3, IMAP) should be tied to your normal account. In most
situations, companies are trying to consolidate accounts. And
companies with directories (be it LDAP or AD) definitely see this
trend continuing. Yet, there is the risk that a compromised email
password will then compromise the network.

Now, let's assume that the communication channel is encrypted with
SSL. That should just be a given. But we still have the issue of
people having passwords stored on their phones, laptops, home
computers, etc., for their email. I know I've had several phones lost
in the past few years. None had my network information, but that could
have been there.

What are your thoughts on whether email accounts should be separate
from normal network accounts? Pros? Cons? Should companies just not
allow external access to email via POP or IMAP and just require
Webmail access so users have to manually enter passwords? Does that
solve the real problem? I'm interested in hearing what everyone has to
say.

---
Puryear Information Technology, LLC
Baton Rouge, LA * 225-706-8414
http://www.puryear-it.com
Author:
  "Best Practices for Managing Linux and UNIX Servers"
  "Spam Fighting and Email Security in the 21st Century"
Download your free copies:
  http://www.puryear-it.com/publications.htm
___________________
Nolug mailing list
nolug@nolug.org
Received on 02/14/07

This archive was generated by hypermail 2.2.0 : 12/19/08 EST