It's been quite a month. First, the Microsoft Daylight Saving Time (DST) fix has displaced Exchange Server 2007 migration as the hot discussion topic among many Exchange pros. Next, Postini released its annual Communications Intelligence Report, revealing the daunting news that botnet-propagated viruses and spam are on the rise. Finally, and more encouraging, an Exchange & Outlook Pro VIP subscriber shares the progress of his company's carefully staged Exchange 2007 migration.
It used to be that the worst part of changing over to Daylight Saving Time (DST) in North America was losing an hour of sleep and stumbling through the following week feeling as if one's circadian rhythms were slightly off kilter. But the Microsoft DST fix appears to be confusing Windows and Exchange administrators a lot more than the actual time change. If you've been following veteran Exchange contributor and Exchange MVP Paul Robichaux's Exchange and DST series (see the end of this commentary for a list of DST articles), you've learned that applying the fix is somewhat complicated. Paul's articles are a must-read if you haven't applied the DST fix yet, or if you've applied it and are encountering problems. The new Exchange & Outlook Pro VIP forum can also be a source of help. Paul has started a "DST experience" thread, and I encourage everyone to start posting. I suspect that a lot of you have strong opinions about this topic!
The DST conundrum will soon fade away, but messaging security threats—viruses, worms, and spam—are propagating with renewed vigor. Postini, which produces an annual report of the past year's malware threats and current-year projections, found a spike in spam and virus activity in late fourth quarter 2006 and is projecting "no end in sight" to the heavy malware activity, according to Dan Druker, Postini executive vice president. (The Postini report is based on data amassed from the company's 12 million customers worldwide and a survey of 458 communications professionals.) I recently spoke to Druker, who explained the source of the malware explosion.
"As much as 80 percent of malicious activity is done by same people, mainly in Eastern Europe. They hire computer scientists to write new viruses that get around the most common consumer antivirus engines," Druker said. "These worms take over PCs attached to high-speed networks via botnets and steal personal information from the PCs (e.g., credit card numbers, passwords), which is then sold." Druker said that one million PCs a day are being infected—primarily PCs in homes serviced by ISPs.
IT Messaging Priorities
Although Postini's data suggests that businesses are less immediately vulnerable to botnet threats than home-PC users, the communications professionals surveyed nonetheless say that stopping spam and malware is their highest priority (71 percent ranked this as top priority), indicating that they'll remain vigilant about defending their networks and email systems against intrusion.
The survey data also show that compliance issues are commanding more of communications pros' attention than in previous years. Compliance is the number-two priority of those surveyed, and 51 percent say that developing an archiving strategy is a top concern for them in 2007. Compliance—specifically archiving for e-discovery purposes—was just coming onto Exchange pros' radar a couple years ago. But with the new amendments to the Federal Rules of Civil Procedure (FRCP) adding to an already hefty regulatory compliance burden, companies need to be able to produce electronically stored information (much of which is email) relatively quickly or face steep fines or sanctions. With Exchange 2007, Microsoft has acknowledged this need by including records management features that can help companies set email-retention policies as a first step toward meeting FRCP requirements. (To learn more about email retention and compliance for Exchange administrators, see "Build an Email-Discovery Plan" and "Regulatory Compliance".)
Finally, I've heard from several readers with Exchange migration–related questions or anecdotes about their migration experiences. One reader, Christopher Wallick, a design engineer who oversees his company's Exchange and messaging infrastructure, responded to my February Pro VIP Perspective column by explaining his company's Exchange migration strategy.
"We chose to upgrade this year due to the fact that our servers have reached their end of life and it makes more sense fiscally to invest in hardware that will support Exchange 2007. Initially, we were going to upgrade the hardware but keep Exchange 2003, but the more we looked at the design differences from a four-node Exchange cluster to the two-node Cluster Continuous Replication (CCR) clusterlets in Exchange 2007, we knew that we would have to completely redesign our infrastructure if we decided to upgrade later. So, for us it made financial sense to do the redesign one time and go with the upgrade now. We are taking a slow approach to the upgrade, however, and working with Microsoft to ensure that as we move forward we do so carefully and methodically." Christopher said he'll update me on his company's migration progress, and I'll share those updates in future columns.
As always, I'm happy to receive your questions, feedback, and article ideas at firstname.lastname@example.org. Have a great month—and tell me how the DST change goes for you!
DST Articles: Help with Making Sense of the DST Fix