SmartAdvice: Look Beyond Filtering Techniques When Evaluating Anti-Spam Products
By Ron Bleiberg & Frederick Scholl
From blacklists to Bayesian learning, look at the kind of spam problems your company has and evaluate products based on business need, The Advisory Council says. Also, plan for the company's continuation when drafting disaster-recovery plans.
By The Advisory Council
InformationWeek
Editor's Note: Welcome to SmartAdvice, a weekly column by The Advisory Council (TAC), an advisory service firm. The feature answers two questions of core interest to you, ranging from career advice to enterprise strategies to how to deal with vendors. Submit questions directly to smartadvice@tacadvisory.com.
Question A: What factors should we consider in selecting an anti-spam solution?
Our advice: Fighting spam is a lot like maintaining a healthy weight -- it's a constant problem and there are no quick solutions. A year after CAN-SPAM, we are besieged with spam E-mail, some claiming compliance with the law and some flouting it. Although top spammer Jeremy Jaynes recently was convicted under Virginia's anti-spam law, the spam cases against his sister and another business partner have been thrown out. Anti-spam measures seem to make one big step forward and two small steps backward.
Businesses still face problems of lost productivity, compliance risk, and security hazards resulting from spam. Yet successful elimination of spam can result in immediate payback from improved productivity. It also will result in reduced legal and financial liability.
Currently there are four classes of technical solutions to provide spam-free E-mail: desktop software, server software, gateway appliances, and managed services. Desktop software is most appropriate for small businesses. Server software provides an Internet E-mail gateway for larger businesses. A spam gateway appliance provides the same capability as server software, without the need to install and maintain software. A managed E-mail service filters all incoming mail at the service provider's data center; only spam-free mail enters the client firm's infrastructure.
All of these products use a cocktail approach to fending off unwanted E-mail. Anti-spam techniques include blacklists, whitelists, Bayesian learning, and heuristic rules. Vendors have access to the same anti-spam research. To evaluate anti-spam products, you need to look beyond simple filtering statistics and consider factors that are specific to your business.
Evaluating Anti-Spam Techniques
Our recommended list of evaluation criteria includes:
- Total cost of ownership: How much time and manpower will be needed to maintain the solution's effectiveness?
- Performance and availability: E-mail is mission critical in many businesses; will the solution scale in messages/second and guarantee the required uptime?
- Response to new attacks: How fast is the solution updated as spammers introduce new methods?
- Technical support: What is the service level that the vendor can guarantee for software, hardware, or service support?
In addition, each firm must evaluate the anti-spam solution's feature set against its own business needs. Postini, for example, is a managed-service firm that has done a good job in meeting the anti-spam needs of the legal community. Its service has a number of anti-spam features that should be considered in selecting an anti-spam solution. These features include: proactive detection of mail zombies, flexible policies, user-selectable thresholds and rules, per-user mail quarantine, support for encrypted mail, memory-based mail filtering, and WebTrust security certification.
To effectively eliminate spam in your organization, start with the users, and determine exactly what types of spam are causing problems for them. Then evaluate the available solutions to your spam problem, using the criteria we have outlined.
-- Frederick Scholl
Question B: What are the most frequently overlooked parts of a disaster-recovery plan?
Our advice: In today's society, many diverse forces are being brought to bear on a business's information infrastructure. Regulatory agencies require the integrity of financial information and the protection of personal medical information. The Freedom of Information Act mandates the dissemination of information to those who request it. Effective customer-relationship management requires that employees have access to all relevant information relating to customers to better service them. And that includes information both internally and externally created, from all touch points and in diverse formats.
These are just some of the conflicting issues which IT management must deal with. But they all pale in comparison with the need to maintain the company's viability as a legal and financial entity in case of a disaster or terrorism.
Developing A Disaster-Recovery Plan
There should be three major parts to any disaster-recovery plan: management continuity, corporate continuity, and operational continuity. Management continuity requires a clear plan for succession of management should any managers be unable to perform their duties after a disaster. This plan might be written with specific names or it could be by title. Either way, the plan should be formalized and documented. A good place for this is in the corporate charter.
Operational continuity is the plan for restoring the company's ability to sell and deliver its products and services. This plan usually includes computer operations, and is the portion of a disaster-recovery plan most frequently implemented. But the most often overlooked is corporate continuity -- the ability to maintain the company as a legal and financial entity after that disaster.
Why is this overlooked? I think it's because of the reliance on computerization by the rest of the corporation. They have plans in place to back up data and applications, and may have distributed production facilities. But the existence of a corporation is based on paper documents such as the corporate charter; board minutes; supplier, sales, and employee contracts; signed proxy cards (stockholder lists are usually computerized); records of regulatory filings; and correspondence. Having that information can avoid time-consuming and expensive litigation should a disaster occur.
Unfortunately, protecting this type of information is often overlooked when developing a disaster-recovery plan. And it may be the most important part of a comprehensive plan. The company is, in and of itself, the biggest asset to be protected.
Companies should examine their business processes to see where existing document assets can be leveraged to support a disaster-recovery plan without adding complexity and cost to the enterprise. And if they need help, they should obtain experienced external resources to perform a "sanity check" to verify their plan and identify shortcomings.
-- Ron Bleiberg
Frederick Scholl, TAC Expert, has more than 25 years of experience in technology investigations and research covering subjects including the Internet, data communications, and intellectual property. Recently, his work has included: drafting security policy for an enterprise publishing company; testing network reliability for a server farm installation within a Fortune 100 bank; evaluating an SLA for a cable ISP in contract dispute with backbone provider; documenting theft of network services for an outsourcer in a contract dispute with Fortune 100 client; and advising client on potential value of Internet technology patents. Prior to 1991, he was a pioneer in the fiber optic business, and chaired the IEEE committee that standardized the use of optical fiber in Ethernet LAN systems.
Ron Bleiberg, TAC Expert, has more than 25 years of increasingly senior responsibility and experience in the areas of consulting management and delivery, disaster-recovery planning, document-management systems, and total-quality management. His primary focus is working with clients to develop strategic business plans, identify opportunities for the use of state-of-the-art techniques to improve client-interaction capabilities, revenue and profitability, and the solutions associated with those efforts. He is VP of products and services at FileOn, a document-management vendor.
The Advisory Council, www.tacadvisory.com, is a technology advisory services firm. TAC has formed a strategic business relationship with CMP Media and InformationWeek. CMP Media shares in the revenue for TAC's fee-based advisory services. Submit questions directly to SmartAdvice@tacadvisory.com. To read previous SmartAdvice columns, check out http://www.informationweek.com/advisorycouncil/.
Published April 11, 2005 - InformationWeek Article
