Cost-justifying antispam solutions

Spam has moved quickly over the past three years from an occasional nuisance e-mail to a deluge of productivity robbing and, in many cases, insulting and explicit messages. Users complain every day about how full their e-mail boxes are each morning, how long it takes to weed through the messages and increasingly how embarrassing the e-mails can be to the user and the company. Studies conducted on behalf of NetIQ, a leading edge antispam provider, indicate that almost four out of every 10 e-mails is spam, by our estimates a 6x increase over the past three years. The issue indeed has reached such epidemic proportions that if its growth goes unabated, it can potentially ruin the utility and business value of e-mail.

To determine the impact of spam and the potential benefits of antispam filtering solutions, NetIQ conducted independent research of large and small corporations worldwide, with over 750 respondents. The study asked IT executives and key business managers about the impact of spam on their organizations, the estimated costs and the current and future planned practices and solutions to help eliminate the issue. The survey indicated that almost 36% of all messages received are spam and that spam costs the average organization over $285 per employee per year in lost productivity and incremental IT costs.

According to the study, the impact of spam could be felt most in three areas of the business:

1. Lost productivity -- The most damaging impact of spam is primarily to employees, with over 80% of the costs related to user lost productivity in having to recognize, manage and delete the unwanted e-mails. Studies indicate that the average user receive over 25 spam e-mails each day, and even though these e-mails take around 5 seconds to recognize and resolve, over all the users during a year these small productivity hits of 2 minutes per employee per day can add up. For remote users, or access of e-mail via voice-mail or wireless devices, the issue is compounded. The impact of spam results in an average 0.4% productivity loss per employee per year. For a typical 1000 user organization this results in over $250,000 in lost productivity per year.

2. IT costs -- For IT, the cost of spam is in the consumption of resources to receive and store the spam and in the support of users in having to deal with the spam volume. Spam consumes an estimated 11% of total Internet bandwidth costs, consumes almost 500 GB of storage per year, generates over five help desk support calls per day for every 100 users and requires additional administration staff to help manage and address the inquiries. For a typical 1000-user organization, incremental IT costs are almost 20% of the total cost of spam, resulting in incremental spending of an estimated $38,000 per year.

3. Legal and security risks -- E-mails laced with sexual content, discriminatory humor, viruses, worms and Trojans are becoming more common, and the risks of not proactively taking measures against these risks can be costly. If a legal issue arises, the fact that IT did nothing to help mitigate the risk of these e-mails can cost many people their jobs. The legal and security risks are difficult to quantify, but when one of these risks is realized, the costs to the organization can easily eclipse the more tangible IT and lost productivity costs.

Doing nothing about the spam issue is not an option for IT because of the growing volume and the legal and security risks. There is no silver bullet to eliminate all spam, but the following techniques can be used to help address the issue and begin the fight to reduce the business impact of spam:

• Educating users -- Various user practices can attract spam, and one of the best ways to prevent spam is by educating users not to register or visit suspect or questionable Web sites or to respond to spam e-mails. As well, organizations should take care not to publish e-mail addresses on any public Web sites as spam programs scrape these Web sites for e-mail addresses.

• Text analysis -- Administrators can configure anti-spam solutions to recognize words used by spammers and prevent these from being received.

• Header analysis -- E-mail headers often contain clues that the e-mail is a spam message, and these headers can be analyzed to block the spam message.

• Blacklists for e-mail hosts, domains and users -- Blocking of messages from known spam hosts, domains and users.

• Anti-spoofing -- Preventing spam e-mails from looking like legitimate correspondence, which fools the user into responding.

Spam senders are as savvy as virus writers when it comes to getting their spam through these protection schemes and antispam solutions. The spam senders are changing their text, altering headers, changing e-mail hosts and domains in order to fool the blocking technology. As a result, the anti-spam solution providers are quickly revising solutions and are becoming much more sophisticated in the technology employed in order to combat the spam deluge and in the training and practices that need to be employed around the solutions. However, a certain percentage of spam will get through regardless of the techniques employed. When considering solutions, most IT organizations are hopeful to eliminate 80% - 90% of the spam. However, the IT staff must choose antispam solutions wisely and proactively educate and manage the antispam initiatives in order to achieve these goals without damaging the credibility of the messaging solutions by restricting valuable communications.

Common spam prevention solutions are currently blocking less than 40% of the issues, but newer generation solutions promise to effectively match IT expectations of 80% - 90% coverage with less than 1% false positives (blocking important e-mail messages that are not spam).