Is Exchange Anti-Spam Enough?
We all know the importance of network security, yet it is also necessary to strike a balance between its costs and its benefits. This is not easy and there is no golden rule here, with the golden ratio being different for every organization.
Because this is a vague area, it can also give rise to questions such as, “wouldn’t the built-in Exchange Server anti-spam solution suffice for our needs?”
The answer to this question is not easy to find. Any Exchange anti-spam solution provides different layers of protection for your organization. Generally speaking, every layer will add to your spam detection rate, thus reducing your false positives. But this is not always the case. Simple, basic layers such as keyword based filtering are actually likely to have a negative effect on your false positive rate.
When analyzing the cost to benefit ratio that your anti-spam solution is likely to provide, it is essential that you understand what spam really is. The term “spam” is such a huge, all encompassing word that it is easy to lose sight of what you’re actually fighting against. Many believe spam to be that junk mail which attempts to sell us useless stuff, or else those pointless chain letters that we all receive. These, at best, have a negative impact on your infrastructure by slowing down your legitimate mail flow and adding to your bandwidth costs. At worst they disrupt your employees, causing an undesired slowdown in productivity. However, the truth of the matter is that there are far great risks posed by spam.
Spam is often used as a way to distribute malware. It is also an effective tool to use for phishing attacks, as well as the more insidious spear phishing attacks. It is here that we see a profound effect on the cost benefit analysis. These spam threats can jeopardize your confidential data. A successful malware distribution attempt by a spam email can also give third parties access to your system, or even infect your network with botnet clients that result in a network performance drop, as well as necessary downtime to clean up the infection. Successful phishing attacks can steal data and provide hackers with passwords or even access to your bank accounts.
With more at stake, it becomes sensible to make a small extra investment to beef up your Exchange anti-spam capabilities. The greater your potential loss from an intrusion, the more security it is worth investing in.
Good third-party anti-spam solutions generally provide a wealth of tools that are specifically designed to combat risks that basic solutions tend to overlook. Multiple antivirus engines can also help to ensure that no virus makes it through your security barrier. Even more advanced solutions also provide heuristic analysis, as well as sandbox-based analysis to ensure that not only zero-day malware is blocked, but that even malware designed specifically to target your organization is likely to be caught because of its behavior.
Such solutions may even have specific modules that are dedicated to preventing phishing attacks. These use technologies like Bayesian analysis, fingerprinting and databases of known URLs to deal with these risks in a far more detailed and effective manner than basic Exchange anti-spam solutions would.
The highest risk posed by spam is not an increase in traffic load. Instead it is the consequences of falling victim to a malware or phishing spam email. Many good third-party Exchange anti-spam solutions are reasonably priced, making them an easy fit into any cost benefit analysis. When looking at the long term, the extra layers of protection might be a lot cheaper for your business than the saving you might make with basic anti-spam protection.
Like our posts? Subscribe to our RSS feed or email feed (on the right hand side) now, and be the first to get them!
Like any other protective piece of software like a firewall or antivirus suite, having something is better than nothing but going with a professional solution is always much better than using an all-in-one program. Exchange’s spam filters aren’t enough, but should be used if nothing else is available.
Good marketing/brand managers would understand the fall out once news about data leak is spread about an organization or company.
A part of a company’s credibility lies on the reliability of their security. It is important, then, to protect that reputation. Budgets for IT departments would not only be for administration but for brand protection as well. So, if the investment cost for extra layer of security cannot be covered by an existing IT department’s budget, the marketing department can help chip in. The brand manager can very much understand if the repercussions are explained thoroughly by the IT manager.
For me it is obvious that the answer is ‘No’. Exchange is a mail server, not an anti-spam solution. It might have anti-spam functionalities in it but this isn’t it primary function. I am fed up with all these ‘All in one’ solutions, so I wouldn’t like Exchange to become one. If you need a mail server, you get Exchange; if you need an anti-spam program, get a separate one – this is how I like things done.
Ditto. Try explaining that to my manager, Ian. I understand his concerns, actually. Costs need to be watched and we need to be prudent, as the economy has not really yet picked up or is in a full swing.
But, there are some things you really can’t compromise. You just need to bite the bullet and carry the expense and see it as an investment.
It is really an investment. Protecting your data and your client’s helps improve your credibility as a company and in turn, increase word of mouth marketing and referrals. And, yes, Gino is also right. Because that is partly marketing, too.
I think Microsoft forefront and Exchange Edge is a very good solution