We all know the importance of network security, yet it is also necessary to strike a balance between its costs and its benefits. This is not easy and there is no golden rule here, with the golden ratio being different for every organisation.
Because this is a vague area, it can also give rise to questions such as, “wouldn’t the built-in Exchange Server anti-spam solution suffice for our needs?”
The answer to this question is not easy to find. Any Exchange anti-spam solution provides different layers of protection for your organisation. Generally speaking, every layer will add to your spam detection rate, thus reducing your false positives. But this is not always the case. Simple, basic layers such as keyword based filtering are actually likely to have a negative effect on your false positive rate.
When analysing the cost to benefit ratio that your anti-spam solution is likely to provide, it is essential that you understand what spam really is. The term “spam” is such a huge, all encompassing word that it is easy to lose sight of what you’re actually fighting against.
Many believe spam to be that junk mail which attempts to sell us useless stuff, or else those pointless chain letters that we all receive. These, at best, have a negative impact on your infrastructure by slowing down your legitimate mail flow and adding to your bandwidth costs. At worst they disrupt your employees, causing an undesired slowdown in productivity. However, the truth of the matter is that there are far great risks posed by spam.
Spam is often used as a way to distribute malware. It is also an effective tool to use for phishing attacks, as well as the more insidious spear phishing attacks. It is here that we see a profound effect on the cost benefit analysis. These spam threats can jeopardise your confidential data.
A successful malware distribution attempt by a spam email can also give third parties access to your system, or even infect your network with botnet clients that result in a network performance drop, as well as necessary downtime to clean up the infection. Successful phishing attacks can steal data and provide hackers with passwords or even access to your bank accounts.
With more at stake, it becomes sensible to make a small extra investment to beef up your Exchange anti-spam capabilities. The greater your potential loss from an intrusion, the more security it is worth investing in.
Good third-party anti-spam solutions generally provide a wealth of tools that are specifically designed to combat risks that basic solutions tend to overlook. Multiple antivirus engines can also help to ensure that no virus makes it through your security barrier.
Even more advanced solutions also provide heuristic analysis, as well as sandbox-based analysis to ensure that not only zero-day malware is blocked, but that even malware designed specifically to target your organisation is likely to be caught because of its behaviour.
Such solutions may even have specific modules that are dedicated to preventing phishing attacks. These use technologies like Bayesian analysis, fingerprinting and databases of known URLs to deal with these risks in a far more detailed and effective manner than basic Exchange anti-spam solutions would.
The highest risk posed by spam is not an increase in traffic load. Instead it is the consequences of falling victim to a malware or phishing spam email. Many good third-party Exchange anti-spam solutions are reasonably priced, making them an easy fit into any cost benefit analysis. When looking at the long term, the extra layers of protection might be a lot cheaper for your business than the saving you might make with basic anti-spam protection.