4/4/2008
09:12 AM

How to Secure Your Network Against Spam

As spammers find new and better ways to infiltrate a company's network, managing incoming traffic becomes trickier and more crucial in terms of both productivity and security. Can smaller businesses protect themselves without straining their IT staff and budget? The answer is yes.

M Ak E $$$$ fr OM HOME!!!!

Spam is a bane to businesses, infecting company networks and robbing time from IT staff and employees alike. It makes up the vast majority (calculations range from 66 percent to 99 percent) of e-mail today. And it is growing more venomous.

"Spammers have shifted their focus from marketing to criminal activities such as stealing personal or company information," says Richard Metcalfe, security business development manager in Sydney, Australia, for Dimension Data. "Spammers are thus highly motivated to constantly find new techniques to bypass existing e-mail defenses."

Limitations of ISP Antispam Services
How can small and midsize businesses protect against spam without overwhelming IT staff? Some businesses sign up for antispam services offered by their ISPs, but these have a poor success rate for catching spam, according to Craig Martin, security solution architect for Sentinel Technologies, Inc.

One reason: "Antispam services use filters to scan e-mail headers and the message body for terminology, words, or patterns typical of spam," he says. "But image- and PDF-based spam slips through."

Another limitation of antispam services: the ISP cannot determine if a company e-mail address is legitimate before sending it e-mail. This makes it easier for spammers to execute directory-harvest attacks, which involve sending thousands of e-mails to guessed addresses such as ajones@company.com, bjones@company.com, and so on. Antispam services also fail to protect against misdirected bounce-back messages (return-to-sender receipts), which clog inboxes when a spammer uses an employee's e-mail address to send spam, some of it to nonexistent addresses.

A Remedy: Antispam Gateway Appliances
Small and midsize businesses can better protect against spam by deploying a purpose-built e-mail gateway appliance at the network perimeter. "Buy the most comprehensive e-mail security solution that you can afford," says Richard Leonetti, systems engineer at Chickasaw Telecom, Inc. "You'll recover the extra cost by spending less time fixing damage to your network."

It's especially important, notes Metcalfe, to choose a solution that prevents false positives -- a problem with traditional gateways. "While it's costly and annoying when spam slips through the mail gateway, it's arguably worse to mistakenly tag legitimate e-mail as spam," he says.

A Checklist of Essential Features
Following are e-mail gateway capabilities that are essential for SMBs:

  • Reputation-based filtering. False positives occur when traditional gateways individually analyze each message based on predefined content rules, according to Metcalfe. "It is only a matter of time before a legitimate e-mail is mistakenly blocked or deleted as spam," he says. An effective solution is to block e-mail from known spammers. Security vendors such as IronPort, Inc. build databases of sender reputations by analyzing billions of e-mail messages daily for more than 90 variables that can accurately identify spam. "Reputation-based filtering has been shown to produce a false-positive rate of only one in one million," says Metcalfe.
  • Virus filters and quarantines. Effective e-mail gateways block known threats as well as zero-day threats, for which signatures are not yet known. Suspicious e-mails are quarantined at the gateway until they are determined to be safe.
  • Automatic updates. Most antispam solutions designed for small business require the IT staff to create, manage, and update blacklists. "This is a never-ending task because spammers continually change the domains they send from," says Martin. "It's worth it to pay a little more for a solution that automatically updates itself with new information about senders, without any effort from the IT staff."
  • Integration with the small or midsize business' Active Directory or other LDAP server. This enables the gateway to validate recipients' e-mail addresses before sending the message through the network, mitigating the damage from directory-harvest attacks.
  • Misdirected bounce message prevention. "Up to 5 percent or 6 percent of a company's bad e-mail consists of misdirected bounces," Martin says. The most useful gateways block e-mails that employees receive when a spammer uses their addresses to send spam.
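
The recipient validation described in the Active Directory/LDAP item above can be sketched as follows. This is an added example, not code from the article or from any gateway vendor; the directory set, the sample events, the function name screen_recipients and the max_unknown threshold are all assumptions made for illustration. It rejects mail for addresses the directory does not know and stops answering a sending host once it has guessed too many, so the host cannot keep probing for valid names.

```python
from collections import defaultdict

# Constructed stand-in for the Active Directory/LDAP lookup a gateway would make.
DIRECTORY = {"ajones@company.com", "mlee@company.com", "helpdesk@company.com"}

# Constructed SMTP envelope events: (connecting IP, RCPT TO address).
SAMPLE_EVENTS = [
    ("198.51.100.7", "ajones@company.com"),
    ("198.51.100.7", "bjones@company.com"),
    ("198.51.100.7", "cjones@company.com"),
    ("198.51.100.7", "djones@company.com"),
    ("198.51.100.7", "mlee@company.com"),      # valid, but host is already blocked
    ("203.0.113.20", "mlee@company.com"),
    ("203.0.113.20", "m.lee@company.com"),     # single typo from a normal sender
    ("203.0.113.20", "HelpDesk@Company.com"),
]


def screen_recipients(events, directory, max_unknown=3):
    """Validate each recipient and block hosts that guess too many addresses.

    Returns (decisions, blocked_ips). Addresses are compared
    case-insensitively, which is an assumption about the directory.
    """
    known = {addr.lower() for addr in directory}
    unknown_count = defaultdict(int)
    blocked = set()
    decisions = []
    for ip, rcpt in events:
        if ip in blocked:
            # Refuse everything from a harvesting host, valid or not, so its
            # later probes reveal nothing about which addresses exist.
            decisions.append((ip, rcpt, "reject-blocked"))
        elif rcpt.strip().lower() in known:
            decisions.append((ip, rcpt, "accept"))
        else:
            unknown_count[ip] += 1
            if unknown_count[ip] >= max_unknown:
                blocked.add(ip)
            decisions.append((ip, rcpt, "reject-unknown"))
    return decisions, blocked


if __name__ == "__main__":
    results, blocked_hosts = screen_recipients(SAMPLE_EVENTS, DIRECTORY)
    for row in results:
        print(*row)
    print("blocked:", sorted(blocked_hosts))
```

The threshold trades off tolerance for honest typos against how many guesses a harvesting host gets before it is cut off.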

A comprehensive e-mail security gateway for 100 to 500 users typically costs $1,500 to $5,000. Martin recommends that small and midsize businesses choose a value-added reseller that focuses on e-mail security to recommend, install, and test a solution. "This partner can set up the system so that the SMB's IT staff does not have to spend any time maintaining the antispam system after the initial deployment," he says.

Rhonda Raider writes about tech issues. She is president of Raider Communications, Inc.
