How do you know whether your anti-spam solution is successful? These metrics can help you to assess the efficacy of your effort:
- Administrative overhead. A good antispam solution should only require a few minutes per day of human time to administer and manage.
- False negatives. Your false negative number should not exceed one spam per user per day.
- False positives. A rough measure of acceptable false positives is one in every 200,000 legitimate messages.
- User complaints and kudos. It should be obvious whether you're doing a good job from your user feedback. In fact, sometimes the best indication of a successful antispam deployment is that you hear less or nothing from your users. The decrease of complaints in this subject area is silent kudos.
Three Tips For Developing A Spam Management Strategy
Organizations and individual users have the right to use their online resources without being bombarded by unwanted content and solicitations. The antispam market offers many options, but instead of considering a standalone point solution, companies should:
- Seek a solution provider with cross-channel intelligence. Spam isn't a standalone problem--theres a proven link between spam campaigns and Web malware distribution--so antispam shouldn't be considered in a standalone email silo. Your antispam solution should use multichannel intelligence to increase threat identification precision in both the email channel and elsewhere.
- Blend in-the-cloud and on-premise components. Certain filtering tasks are best done in-the-cloud before the unwanted traffic hits the end user organization, while others, such as encryption and deep content inspection, are sometimes best handled on-premise. Forrester has seen many successful deployments at organizations where an in-the-cloud solution (e.g., Postini or MessageLabs) was layered with an on-premise box. This way the on-premise portion only has to deal with a much-reduced traffic stream and can deliver better performance and scalability.
- Include email and antispam in a broad strategy for content security. Organizations need to implement content protection and retention for email, whether to mitigate the risks of legal liability from email misuse, guard against data breaches, or adhere to PCI, HIPAA, or other relevant regulations. The most natural place to incorporate such functionality is within the same email infrastructure used to fight spam. Look to solutions that support bidirectional content scanning, sensitive data discovery, and the ability to trigger external data protection and retention components such as encryption and archiving.
Users who have strong requirements in specific functional areas should start by evaluating vendors who have best-of-breed technologies in the areas most important to them. Such considerations include email reputation filters; industry blacklists; high-performance MTA and antispam solution; and integrated email encryption.
Chenxi Wang is a principal analyst at Forrester Research, where she serves security and risk management professionals. For free related research from Forrester, please visit www.forrester.com/csospam (free site registration required).
Sign up for Computerworld eNewsletters.