Stop Spam and Other Messaging Threats at the Gateway

By Stacey McDaniel

When it comes down to it, businesses of all sizes face the same email and messaging challenges -- and one of the most prevalent of those is spam. In the past, the major problem with spam was that it diminished user productivity because of the excessive time required to sift through it. Now, businesses are faced with more critical issues relating to spam, namely, the strain it puts on bandwidth and storage requirements for messaging.

Spam is estimated to make up nearly two-thirds of all email traffic. The nature of spam also continues to evolve, becoming harder to stop.

Challenges to messaging
Over the years, spammers have been working feverishly to devise new ways to evade spam filters. The result: email servers are now being flooded with image-based spam, which looks like text-based spam messages, but are comprised of one or more images in order to defeat traditional spam filtering technology. On average, an image-based spam message is five to10 times larger than a text-based spam. This means that more than ever, spam clogs bandwidth, soaks up disk space and slows servers, which often forces businesses to increase their storage capacity requirements. Smaller businesses working with minimal bandwidth are especially feeling the increasing strain that this new spam is putting on their network.

As if image-based spam isn't enough of a problem, phishing continues to increase, becoming sophisticated enough to fool many seasoned email users. New phishing threats are integrating spam and phishing techniques to get the message into the recipients' inboxes, and more importantly for spammers, to get the recipients to click on the URL contained in the message. During the second half of 2006, more than 150,000 unique phishing attacks were identified.

Just as spam is a vector for malware such as viruses and spyware, so too is Instant Messaging (IM). IM is a public service, which can be downloaded by anyone, in many cases for free, and is usually unregulated by internal IT teams. It is not easy for businesses to control and secure IM -- and IM faces all the same email threats listed above -- except they spread faster. Just like the "instant" nature of its messages, an IM compromise will spread in real time. For example, if someone accidentally downloads something, it can spread to their entire buddy list within seconds.

Stop it at the gateway
The combination of these issues creates the need for businesses to have single point protection for all business messaging at the gateway, where spam can be stopped before it impacts email servers and networks downstream. It's important for organizations to stop these ongoing messaging problems, in addition to preventing viruses and spyware from propagating. Organizations need to find solutions that centralize control and protection for inbound and outbound IM and email at the gateway in an all-in-one appliance that sits at the edge of the business network.

These types of solutions need to identify spam and phishing in an integrated fashion by pushing rules to gateway devices for filtering out specific spam attributes and URL lists that are known phishing sites. The solution allows for a host of policies and content filtering rules that can be set at the discretion of the business to monitor not only inbound content, but also outbound content. For instance, a rule can be set to ban any documents that say "confidential" on them from being sent outside of the business. Some solutions also help mitigate risks associated with data leakage and regulatory compliance (HIPAA, GLBA, PCI, SOX).

CIOs need to look for spam solutions from vendors that monitor the world's email for spam, constantly analyzing and discovering new patterns and methods. This saves a business' IT team the hassle of staying on top of the constantly changing threat landscape and constantly writing new rule sets.

Stacey McDaniel has been writing about high-tech issues for more than six years.