Less than a year ago, spam used to be facetiously referred to as the “killer app” at Industry Canada (IC). The reality, though, wasn’t that funny. Spam eroded employee productivity, sucked up server and storage bandwidth and inflated infrastructure costs. Seventy per cent of all of the Department’s incoming e-mail was spam – which at the time was ranked as the “number one irritant” by IC staff. All that, however, is no more than an unpleasant memory.
Implementation, early this year, of a holistic (anti-spam/anti-virus application), has enabled IC to virtually vanquish the spam menace – and reverse some of its negative consequences, according to Industry Canada CIO Mary Carman.
In an exclusive interview with IT World Canada, at last week’s Information Security Conference in Ottawa, Carman described some benefits of IC’s new anti-spam rollout – accomplished within the government’s existing Secure Channel Network (SCNet) infrastructure.
The tool, she said, was from the Bell Nexxia consortium, but was modified for SCNet. It was an anti-virus cum modular anti-spam solution “and with some enhancements really is a modification of the Bell Brightmail solution,” Carman said.
So successful was the deployment, she said, that other federal departments are now using the same service. “It’s a typical multi-tier solution with an appliance at the network perimeter that blocks most spam and a process for end-users to deal with grey mail (suspicious mail).”
She said the cost savings from the rollout are huge. These savings have not yet been quantified or monetized. However, a business case provided last September in response to an Access to Information and Privacy (ATIP) request described the magnitude of the problem and estimated the cost of doing nothing would be $5.5 million a year.
A big part of that cost, said Carman, was due to loss of user productivity. “70 per cent of incoming e-mail was spam, and the free tool we were using at the time was filtering only 21 per cent.” In absolute numbers this meant that 21 million spam e-mails were getting through and only 5.6 million were filtered.
In a few months, she said, the transformation has been spectacular. “Now, more than 90 per cent of all spam is blocked, and there’s gigabytes reduction in e-mail volume.”
Network storage and e-mail server processing requirements, she said, have also dramatically decreased, and this has also brought down costs.
The availability of a compelling solution through SCNet proved to be a bonanza for Industry Canada, according to Carman. “The costs – both one-time and on-going – were well below what we as a department [would have incurred] had we developed and managed the solution on our own.”
According to the IC CIO, her department’s crusade against spam is an integral part of its broader defense strategy – one that has its roots in the federal government’s PDARR principles: Prevention, Detection, Analysis, Response and Recovery.
She said pre-empting and preparing for threats is as crucial as responding to them effectively. So on the prevention front, she said, since May 2002 IC has been conducting cross-country awareness campaigns for all its employees, educating them about recent security threats. “We’ve also launched a well-visited IT security intranet [with information on] policies, best practices, Q&As and alerts.”
The CIO said her department has taken a proactive stance in requesting and obtaining a third party Security Posture Assessment. “We actually had the Canadian Security Establishment come in. I think it was rather special.
The assessment, she said, made recommendations on how Industry Canada “could further strengthen [initiatives] already in place. “Those are no different from any other organization…whether it’s following up on patches, or ensuring robustness of passwords, or monitoring change configuration.”
On the Recovery front, she said, her department, in the past few years, has tested its business continuity and recovery plans. These tests uncovered some interesting facts. “From a departmental perspective we learned, along with others, that we had few mechanisms in place to advise employees directly if the workplace was open for business!”
In response to these findings, a special emergency 1-800 number, with up to date information, was set up and is now available to all employees, Carman said.