GFISecurityLabs’ David Kelleher Talks about E-mail and Small Business


E-mail: Powerful Tool or Time Waster

While spam is a problem, unchecked e-mail usage can turn a powerful communication tool into a major distraction for a small business.

Bright Hub: Are there common mistakes in e-mail management?

David Kelleher: A very common mistake is not having an e-mail management policy or strategy in place. E-mail today is a huge repository of information… in many organizations e-mail content comprises up to 75% of the material employees need to do their job. Therefore it is extremely important that companies pay greater attention to e-mail management than they did in the past. E-mail management goes beyond using e-mail as a business tool; today e-mail is an organization’s data. It is precious. Therefore it needs to be safeguarded.

Another common mistake is to allow employees to manage their own e-mail archive. If employees decide on what e-mails to keep or delete, important information may be lost. An e-mail from an angry client may be something an employee may want to get rid of. On the other hand, a client may argue that the company failed to provide a service when an e-mail sent to the client proves otherwise. If that e-mail had been deleted, the company does not have the means to defend itself!

Bright Hub: What are basics to set up an e-mail management policy?

David Kelleher: The first step is to know where all data is. Many organizations still use .PST files to store e-mails. These are more often than not stored on individual workstations making it much harder to control where all the data is and how it is being handled. A company needs to know that orders received by e-mail are accessible and not dispersed in .PST files or copied to multiple machines.

The second step is to use an e-mail archiving solution that allows the administrator to collect a copy of all corporate e-mails in a central location, for example, an SQL Server. Archiving ensures that a copy of every e-mail inbound and outbound is retained and easy to access if the need arises.

The third step is to create an e-mail policy that is applied company-wide. This policy will inform employees how corporate e-mail should be used within the organization; to be aware of security issues in relation to spam or phishing e-mails; to question and ask for advice if an e-mail looks suspicious; and that e-mails may be monitored if abuse of the organization’s e-mail system is suspected.

The fourth step is to check the laws and regulations in the country of operation that specially mention e-mail management and e-mail retention policies.
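
The first step above, knowing where the data is, can begin with an inventory of .PST files on workstation folders or shares. This is an added example, not part of the interview and not GFI code: it walks the given root directories, hashes each .PST and groups identical copies. The directory names, function names and sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so multi-gigabyte PSTs are not read into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def inventory_pst(roots):
    """Walk each root; return (records, duplicate groups keyed by content hash)."""
    records, by_hash = [], defaultdict(list)
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                if not name.lower().endswith(".pst"):  # extension case varies
                    continue
                path = os.path.join(dirpath, name)
                try:
                    digest = sha256_file(path)
                    by_hash[digest].append(path)
                except OSError:  # e.g. file held open by a mail client
                    digest = None  # still listed, so it is not silently missed
                records.append({"path": path, "sha256": digest})
    dups = {h: sorted(p) for h, p in by_hash.items() if len(p) > 1}
    return records, dups

def build_sample_tree(base):
    """Constructed sample: two workstations' folders, one PST copied across."""
    layout = {
        "ws-alice/Outlook Files/orders.pst": b"constructed-orders-mailbox",
        "ws-bob/Desktop/ORDERS-copy.PST": b"constructed-orders-mailbox",
        "ws-bob/Documents/archive.pst": b"constructed-archive-mailbox",
        "ws-bob/Documents/notes.txt": b"not a mail store",
    }
    for rel, data in layout.items():
        path = os.path.join(base, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as f:
            f.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        build_sample_tree(base)
        print(inventory_pst([base])[1])  # duplicate groups: hash -> paths
```

Files that cannot be read are kept in the record list with an empty hash, so a locked mail store still shows up in the inventory.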

Spam and the SMB

We all get it, all the livelong day, but spam can seriously hurt productivity, carry viruses and even clog your servers to a standstill. There is hope. GFI Analyst David Kelleher discusses how to cut the spam!

Bright Hub: A business today can’t really run without e-mail, but spam can overload the e-mail servers. So do you have any tips on what an SMB should do to block spam or at least lower the effects it has on the employees?

David Kelleher: Every company needs an anti-spam solution installed on their e-mail servers to block the hundreds of spam e-mails that are received on a daily basis. Ideally spam should be detected at the SMTP level without the e-mail server needing to download it to check whether it is spam or not. This in turn gives better server performance.

Anti-spam products should feature a combination of techniques such as word lists, blacklist/whitelist filtering, trend analysis, directory harvesting and content learning techniques like Bayesian filtering. In so doing, the spam capture rate is greatly increased. Quality spam filters are also less likely to classify a genuine e-mail as spam and therefore the risk of losing e-mails due to false-positives is reduced. The less effective a spam filter is, the higher the risk that it will classify spam as genuine mail (false-negative).

Having an effective anti-spam filter in place is the first step to blocking spam. The second step is to educate employees to be careful which e-mails they open and which links they click on. Most anti-spam products allow users to browse through their spam folders to identify e-mails that may have been erroneously classified as spam.

It is important that employees are made aware of the various types of spam, especially those e-mails that appear to be from genuine companies, colleagues or friends. These would have been filtered but there is always the risk that an employee will open it or click on any links inside the e-mail. They should be warned not to open e-mails which are suspicious or which they are not expecting as these may redirect the employee to a website infected with malware.

E-mail safety

E-mail is a great tool, but it is also a hole in your security. With every e-mail there is a chance of phishing scams, viruses and other malware. David Kelleher, GFI research analyst, tells how you can fight back.

Bright Hub: How would you advise protecting against e-mail threats?

David Kelleher: There are two approaches to protecting your network against e-mail threats. Firstly, the investment of a best-of-breed anti-spam solution installed on your server to filter against spam e-mail which can contain fraud and phishing scams; secondly, the installation of an anti-virus solution that will catch infected e-mails before these have the chance to hit user mailboxes and infect the network.

If the company also has web filtering software installed, it would be a good idea to block employee access to their personal webmail accounts. Giving access to these sites may increase the risk of infected attachments or improper content being downloaded.

Employees should also be prohibited from downloading and installing unauthorized software and access to peer-to-peer sites should also be banned as this could lead to their machine, and the network, being infected by viruses or malware. A compromised machine could become part of a botnet used by spammers to send out huge volumes of junk mail.

If this occurs, the company’s domain may be blacklisted and its reputation and integrity sullied.

E-mail Back-ups

Bright Hub: What are the best reasons to back up e-mail?

David Kelleher: Archiving allows organizations to manage their e-mail communication in an efficient manner and address storage issues related to PST file management and server quotas and comply with legislation and eDiscovery requests.

Administrators can maintain an archive of all the company’s e-mail correspondence that is easily searchable and recoverable, and in turn reduce the need for PST files to back up e-mails. These files can be damaged and they are not a guaranteed or secure form of backup of e-mail data. An archiving system reduces the burden on administrators of going through dozens of PST backups to locate a single e-mail.

An archiving system stores all e-mails in an organized manner making it a simple and easy process to locate and recover e-mails. Having archiving software eliminates the need for employees to save and archive their own e-mails but at the same time they still have access to old or deleted e-mails from their Outlook client or web interface.

E-mail archiving creates a centralized store of all company e-mail that can come in useful when an e-mail is required in a dispute involving employees or with a client. Critical information in an e-mail can be easily recovered from an archive thus saving time and money for the company. Even if the e-mails were deleted from the user’s personal machine, there would still be a copy in the archives.

With archiving in place, a company is also protecting itself from possible legal or regulatory problems if they are requested to provide copies of corporate communication in relation to a court case or eDiscovery request. Industry requirements to maintain a copy of all e-mail correspondence for a set period of time are easy to adhere to with an e-mail archiving solution.

Ultimately, backing up e-mail enables organizations to save all internal and external mail into one or multiple databases (heavily reducing reliance on PST files), protect corporate data, locate specific content quickly, be prepared in the event of litigation and fulfill regulatory e-mail storage requirements.