Whether or …show more content…
These messages remain behind the corporate firewall, possibly never leaving the email server, where they are better protected from packet sniffing by external agents. Protecting email from packet sniffing by internal agents can be achieved by standard methods applicable to all network traffic. Guarding against ARP spoofing by checking for duplicate MAC addresses and by using static ARP tables, or software solutions such as Xarp and Arpwatch (Goodrich and Tamassia. 2011, pp. 234-235). Dividing the organization 's network into sub-networks by user group function and using Ethernet switches rather than hubs to reduce the amount of different network traffic that is available at each network interface and thus vulnerable to sniffing (Goodrich and Tamassia. 2011, pp. …show more content…
Because both the sending and receiving email servers are under the control of the organization, it can use S/MIME to digitally sign email messages. This authenticates the sender to the receiver and validates the integrity of the message, that it has not been modified in transit (Goodrich and Tamassia. 2011, p. 504). Furthermore, the organization can link their internal access control system to the email server 's list of users to facilitate provisioning email addresses to their employees and decommissioning those addresses when the employee leaves the organization, further authenticating the sender and receiver of emails to each