Security & Monitoring Software
The security of transactions on our corporate website, the security of our administrative control panel, and the protection of security-enabled private-label webmail and administrative sites are implemented using 256-bit Secure Sockets Layer (SSL) certificates. The AES-256 algorithm is considered highly secure and enables end-to-end encryption of the conversation between a user's web browser and services at KD Interactive Hosted Email.
Secure Email Client Access
Email clients are also able to have secure conversations with KD Interactive Hosted Email servers using SSL and its successor, Transport Layer Security (TLS). By design, the email auto-configuration tool uses SSL and TLS when it configures access to KD Interactive Hosted Email POP3 and SMTP servers.
Secure Server-To-Server Communication
Some customers require the use of encrypted communication with certain vendors or service providers (e.g., a credit union needs to encrypt all email exchanged with a local bank). KD Interactive Hosted Email provides opportunistic TLS encryption with Noteworthy. This means that when Noteworthy sends outbound email, if the destination SMTP server supports TLS, the system will automatically encrypt the outbound content using TLS. In addition, inbound email sent to Noteworthy from the internet will be encrypted if the sending server supports TLS.
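The decision described above, sketched as an added example (not code from KD Interactive Hosted Email or Noteworthy): the sender reads the destination's EHLO reply and encrypts only if STARTTLS is advertised. The sample replies are constructed, and the `require_tls` setting is a hypothetical per-destination option used to contrast opportunistic delivery with mandatory encryption.

```python
# Constructed EHLO replies for illustration; not captured from any real server.
SAMPLE_WITH_TLS = (
    "250-mx.example.net Hello\r\n"
    "250-SIZE 52428800\r\n"
    "250-STARTTLS\r\n"
    "250 8BITMIME\r\n"
)
SAMPLE_NO_TLS = (
    "250-mx.example.org Hello\r\n"
    "250-SIZE 10485760\r\n"
    "250 8BITMIME\r\n"
)


def parse_ehlo(reply):
    """Return the set of extension keywords in a multi-line EHLO reply."""
    extensions = set()
    lines = [line for line in reply.splitlines() if line]
    for index, line in enumerate(lines):
        code, sep, text = line[:3], line[3:4], line[4:]
        # Every line of a successful EHLO reply starts with 250, followed by
        # "-" (more lines follow) or " " (last line).
        if code != "250" or sep not in ("-", " ", ""):
            raise ValueError(f"unexpected EHLO reply line: {line!r}")
        if index == 0:
            continue  # first line is the server greeting, not an extension
        if text:
            extensions.add(text.split()[0].upper())
    return extensions


def choose_transport(reply, require_tls=False):
    """Opportunistic policy: encrypt when offered, otherwise send in plaintext.

    require_tls is a hypothetical per-destination setting that refuses the
    plaintext fallback and defers the message instead.
    """
    if "STARTTLS" in parse_ehlo(reply):
        return "starttls"
    return "defer" if require_tls else "plaintext"


if __name__ == "__main__":
    for name, reply in (("with TLS", SAMPLE_WITH_TLS), ("no TLS", SAMPLE_NO_TLS)):
        print(name, choose_transport(reply), choose_transport(reply, require_tls=True))
```

Under the purely opportunistic policy, a destination that does not advertise STARTTLS receives the message unencrypted, so a sender that must always encrypt to a given partner needs the stricter setting rather than the fallback.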
Another important component of security is the logging of system events and email. KD Interactive Hosted Email uses syslog-ng from BalaBit IT Security to gather log entries on most servers, and then custom tools refine that log data. Syslog-ng is then used to push that log information to a central logging server, where more custom tools update logging databases. We record and store millions of log entries each hour and make that information available to our engineers and customer care team. Due to storage and performance constraints, server logs are not retained indefinitely.
Redundant, hot-failover network firewalls are used in all data center facilities. The firewalls are implemented using iptables from Netfilter, a mature package that has been deployed in many industries.
KD Interactive Hosted Email uses Nagios to monitor every host and service related to our email services. Nagios provides a powerful templating system so that, once a good monitoring regimen has been established for a particular class of host (e.g., an inbound email gateway server), that template can be applied to many hosts. This fits well with our clustered server infrastructure. Please note that Nagios monitoring is separate from the software that provides load balancing and cluster node failure detection, which must respond to changes within seconds.
A wide variety of tools are used to verify that only expected services are running on KD Interactive Hosted Email systems and that those services do not have known vulnerabilities. These tools include Nmap, Nessus, and Nikto, among others.