Choosing The Right Anti-Spam Solution For Your Business’s Server

We are all spoilt for choice when it comes to software. There are so many solutions that seem to offer the same things, choosing the right one can be difficult. Life become even more complex as there are lots of variables to consider, such as budgets and the feature set being offered. All of this makes the question, “Which is the best anti-spam package for my server?” not an easy question to answer.

So how do you decide which solution you need? Your first step should be a cost benefit analysis to help you come up with a budget. There are many things you should consider when performing this exercise and it is essential that you do not overlook any aspects. There are so many sides to the spam problem that it is easier then you may think to miss out critical points.

Consider your infrastructure and make a note of which critical processes depend upon it. Think about the confidential data that your system processes and stores. Spam can create many different problems for your organization. It may simply waste employee time as they wade through it to find their business messages, it may absorb bandwidth and reduce productivity, and it may also give an attacker complete access to your network.

If your network is compromised will a hacker be able to steal sensitive customer details, such as credit card numbers? Could they steal important credentials such as our online banking system account? Could they alter source code to introduce a backdoor in your software? Once these items are identified, it becomes a matter of assigning a monetary value for each. This will then give you the ability to see the financial impact each scenario would have on your company.

Your next step is to decide which identified scenarios are high priorities, as well as how much money you would spend to mitigate these. Once this exercise is complete you will have your budget. Then you can begin comparing solutions.

By examining the high priority scenarios you have identified, you can easily see which features are critical for your organization. For example, if your highest priority scenario is that no outside party should gain access to your system then you should be looking for an anti-spam solution that also has strong anti-virus and anti-malware features.

On the other hand, if your highest priority scenario is that your employees should not waste time on spam, then you should be seeking a solution that has strong spam detection capabilities, such as Bayesian analysis, spam finger printing, SPF detection, and similar technologies.

Avoiding pitfalls

You may want to keep in mind the positive aspects that an anti-spam solution can bring. When conducting a risk assessment, many people focus only on negative the aspects that spam have, such as malware and intrusions. While it is important to safeguard against these, you should not forget the positive elements that anti-spam solutions can bring, such as avoiding the blocking of legitimate mail, or simplified quarantine procedures that save employee time.

Always keep in mind the purpose of your anti-spam software. It isn’t specifically to stop spam, but rather to avoid the problems that spam cause. Like in life, you should avoid cures and focus on prevention instead. In the same way, you should avoid anti-spam solutions that have side effects which cause more problems than it solves.

Choosing the right anti-spam solution for your server is very important. Choosing the right solution can save you a lot more money in the long run, rather than choosing a cheap solution or even no solution at all.

Emmanuel Carabott CISSP heads security research at GFI Software. He has over 12 years’ experience in the security field and is a regular contributor to several websites and blogs. For more information about the benefits of using email usage reporting.