In a survey of IT decision makers, 44 percent responded that their organization had been breached as a result of malicious email; six percent had no idea if they had suffered a breach as a result of email or not.
With nearly 50 percent of all small businesses being exploited by an email borne threat it tells us that we are not doing enough to protect our assets.
If you ask a person in charge of email for a small to medium-sized business what they do for anti-spam protection you may be hard pressed to get an answer that would satisfy you.
A majority of the survey’s respondents did not have adequate controls in place to protect their organization, and their customers, from threats that spread via email. In fact, it was found that 48 percent rely on the anti-spam component of their anti-virus solution while:
- 20 percent use a software solution
- 14 percent rely on a cloud based anti-spam filter
- 11 percent utilize a gateway appliance to filter spam
Only 45 percent of small businesses use the proper tools to fight the war on spam. And honestly, not all of these solutions can be called the proper tool. Many rely merely on whitelisting or blacklisting. Others utilize only Bayesian filtering and some even block spam only by checking with the DNS block lists.
But there is a better way.
What Can I Do?
Stopping threats that come through email requires a two pronged approach. First, the right technical controls need to be put in place. The technology component needs to be able to:
- Whitelist good senders
- Filter messages based on content and attachments
- Quarantine spam rather than delete it
- Utilize Sender Policy Framework
- Incorporate DNS block lists
- Utilize Bayesian filtering techniques
- Be easy to manage and update
- Learn from the user
Go back and read that last bullet point again. That’s right, a successful anti-spam solution needs to learn, or at least listen to, the user base.
You see, the bad guys are always looking to be one step ahead of the technological controls put in place to stop them. As soon as a new technology comes to market that plugs a vulnerability or stops a malicious hacker, they immediately begin working on a new way to bypass these controls. And until these methodologies and vulnerabilities are discovered by the good guys, there is little that can be done to prevent a zero-day threat.
Users, on the other hand, can help teach email security controls what is good and what is bad. When the user is permitted to tell the anti-spam solution that an email is good or is junk, the technology learns. False positives and false negatives will drop as a result.
The Second Part of the Equation
Now, once the right technology is put into place you still have to educate your users on how to spot malicious emails and what to do when they spot them.
This can be the tricky part, but it needs to be done. Teaching users how to recognize spam and phishing attempts can take time, but it is time well spent; and once they know how to spot a malicious email they need to be taught what to do with it.
One problem with getting users to report malicious email is that it takes too long and they don’t want to have to wait for an email administrator. With some of the better solutions out there today, these concerns can be eliminated.
Anti-spam solutions nowadays can make spam management by the user as easy as dragging a suspicious message into a folder for later review by the security team. These solutions also give users the opportunity to review suspected malicious emails rather than immediately flagging them as spam taking the concern of missing an important email out of the equation.
Users can be your greatest weapon in the fight against phishing and spam, you just have to know how to use them and know what technology makes it easier for them to use their email.