Spam war challenge is letting in critical email

IT professionals must perform a balancing act as they attempt to deal with the onslaught of spam. They have to thwart the tremendous amount of annoying

and often offensive

junk e-mail that’s infiltrating their companies and simultaneously ensure that critical business information gets through. Their ongoing and escalating battle requires them to continually fine-tune their spam-fighting strategies as spammers become more aggressive and creative.

“Enterprises have seen spam become a major problem in the past six to nine months,” says Arabella Hallawell, an analyst at Gartner Inc. “At the beginning of the year, 30 per cent of business e-mail was spam, and now, just a few months later, it’s over 50 per cent.”

According to Ferris Research in San Francisco, spam cost U.S. corporations US$8.9 billion in 2002, a figure that’s expected to rise to $10 billion by the end of this year.

Exec level funding support

The good news, says Hallawell, is that high-level executives, as inundated as everyone else, are responding with the necessary cash. “Budgets are being released to deal with the spam problem for three reasons: the visibility of the problem, the costs of dealing with all the spam, and the fact that a lot of the content is really obscene,” she says.

Companies are spending these allocations on a variety of spam-fighting technologies and services. “We’re seeing approaches become more suitable for the enterprise,” says Hallawell, adding that in order to be effective, vendors should support multiple spam-detection methods, such as heuristics, lexical analysis, statistical analysis and others.

In addition, companies should employ real-time black-hole lists (groups of Internet service provider addresses identified as sources of spam) and whitelists (company-defined lists of acceptable e-mail addresses that might normally get blocked by spam-filtering programs), and they should monitor and analyze their e-mail to ensure that their strategies are working. They should also set e-mail policies for the entire organization and educate users accordingly.

Nowhere is this fine-tuning more important than with spam-blocking technologies themselves. Set filter thresholds too low, and spam continues to flow in; too high, and business-critical information doesn’t.

“The biggest challenge in the spam wars is what to do about false positives,” says Matthew Berk, an analyst at Jupiter Research in New York. “On the corporate side, false positives mean important e-mails don’t get through, and for businesses selling to consumers, false positives mean e-mails the company needs to get to customers get blocked. It’s causing great risk on one side and great frustration on the other.”

A hierarchy of pain for FIs

Jim Hyatt, head of security and contingency services at The Vanguard Group Inc., a financial services firm in Valley Forge, Pa., understands both the risk and the frustration. “If you want to make money-management people nuts, block information on securities or investments,” he says.

“Spam creates a whole hierarchy of pain for us,” he continues. “First, if inappropriate e-mail gets through to workers, it creates an unfriendly work environment. Second, we’re in the financial services business, so we have to monitor and retain e-mails. Third, there’s the volume: We get 100,000 e-mails a day, of which 10 per cent to 11 per cent is spam, and of that, 20 per cent to 30 per cent is offensive.”

Vanguard is using ClearEdge from Bellevue, Wash.-based Clearswift Ltd., as well as Unix sendmail, to filter spam before sending e-mail on to its Lotus Notes servers. To deal with false positives, Hyatt has two full-time people to monitor quarantined e-mail and test and fine-tune Vanguard’s spam-filtering systems.

As an additional defense against spam, Hyatt has put in place an information security awareness program to educate Vanguard’s 10,000 employees.