Why You Should Invest in Spam Protection

Unavoidably, we will from time-to-time bump into someone who comes up with a “brilliant” proposal to save that extra penny by not investing in any spam protection.  While we might be able to close an eye on their ignorance if they are simply fellow system administrators or IT managers from other organizations, the whole ballgame changes should the idea comes from the new CIO or Director of IT.

To help you along, I’ve prepared a list of arguments that I hope will adequately address why businesses should invest in spam protection.  Feel free to send this link on, or chip in with your own opinions or ideas on this topic.

The distraction factor

If you’ve ever tried to get work done while trying to catch the latest season of “Dr. Who” on cable, you will already know that distraction can be a real killer where productivity is concerned. Or have you ever spent an hour “clearing” your Inbox, only to realize that nothing measurable was actually done?  In a nutshell, spam will erode our productivity and efficiency if we allow them to show up at our mailboxes unimpeded.

Indeed, everyone has what I call a “recovery time from distraction,” which is the amount of time it takes to properly ease back into the task at hand – think of it as a minor version of starting work first thing in the morning.  Essentially, too much spam, and workers will find themselves spending an inordinate amount of time trying to get back to doing work, rather than doing it in the first place.

The direct cost of spam

The e-mail client of choice is not necessarily limited to the desktop these days.  Increasingly, workers are accessing e-mails via their laptops while on-the-move, as well as on smartphones such as their BlackBerry, iPhone or even Internet tablets like the Apple iPad or Samsung Galaxy Tab.  Because mobile broadband subscription or data plans are not free, spam coming in via these conduits effectively incurs a direct cost – and which is usually paid for by employers. In addition, the processing and storage space taken up by spam also incurs a burden on computational resources of the organization.

Employees are overwhelmed by too many e-mails

A recent survey discovered that many employees are feeling overwhelmed by the number of e-mails that they are receiving every day.  According to the findings, a total of 50 e-mails appear to be the maximum number that workers say they can handle per day.  While the survey does not differentiate between bona fide correspondences where effort is required to craft a coherent response, it follows that staffers confronted by an overwhelming number of e-mails – spam included – are likely to feel overwhelmed.  As such, it pays to taper the deluge of e-mails somewhat by sieving out the spam before they hit the inbox.

Security implications

While it is safe to say that the majority of spam are simply attempts at getting hapless users to surrender their credit card information or to pay for drugs from dubious sources, some of these unsolicited e-mails are more than mere advertisements.  Some hackers might attempt to deceive users into visiting websites that have been specially crafted to exploit new security vulnerabilities.  On that front, a good spam solution will be able to detect and block the methods commonly used to trick users into clicking these links.

Moving ahead

As with all IT solutions, the presence of a good anti-spam solution is no magic bullet; it is therefore important that management is adequately briefed on some of the attendant issues that are related to their implementation.

• False positives – While a good spam filtering solution should have a pretty high accuracy rating, it would be unrealistic to expect perfect performance all the time. As such, it is important that proper procedures be drawn up that will allow users to check for erroneously filtered e-mails.
• Legitimate Blocked Senders – A runaway malware or sporadic infestations could well result in the automated barring of legitimate business partners or customers. In situations where the sending party is aware of the problem and is already working on resolving them, there should be controls by which urgent e-mails are to be received.

I shall be talking more about the above and other such issues in a future blog post.