Once upon a time, IT departments had to worry about viruses while protecting the perimeters of their networks, but over the years, threats have changed as have the ways that IT is asked to deal with them.
Matt Cain, a senior vice president at Stamford, Conn.-based Meta Group, recently reviewed 12 products on the market
As e-mail becomes a more essential enterprise communication tool, the IT manager's to-do list has grown to include spam prevention, intrusion protection, denial-of-service attack prevention, encrypted e-mail systems and content filtering, along with ever more sophisticated viruses and worms. In response, more companies are producing products that multi-task -- blocking viruses, filtering spam and helping keep out anything that could threaten the system.
"The value of the mail system is incalculable in most organizations. At the same time it's a paradox," Cain said. "As e-mail has grown in value -- I would argue it is the number one communication mechanism for most businesses -- the threats have never been worse."
How bad is the problem?
Frank Warlick, senior messaging administrator for Cox Communications in Atlanta, is in charge of e-mail for more than 35,000 employees nationwide. "Our biggest challenge is spam. The sheer volume attempted to deliver is probably 1.2 million a day, and that's out of a total volume of 1.4 million. It's ridiculous," he said.
"The challenge is that the total volume of inbound mail is increasing rapidly, and therefore the volume of spam is increasing rapidly," Warlick said. "Even if you improve your effectiveness, more is getting in. Users think you haven't done anything to fix it. A year ago you blocked 10
While many vendors in the hygiene space started out by tackling spam, they quickly realized that as threats escalate, and competition increases, products must evolve to increase their overall appeal and revenue. What does that mean for the IT manager who is searching for a product to manage e-mail hygiene? Do you want software, hardware or a third-party messaging host to do the job?
"There's no question about it that our advice to companies as they put together their budgets for 2005, they're going to have to increase spending at the operations level," said Cain, of Meta Group, which is being acquired by Gartner Inc. "This certainly does add additional burdens to mail managers and security folks. Mail managers are typically overburdened."
Cain's bottom-line advice is to find what fits your own protection needs. He breaks the decision-making process into several steps: What are your corporate specifics? What is the vendor's viability? How does their product work? What type of control do end users have? What are the reporting capabilities? What is the price?
Mark Greaker, director of technology for Saint Vincent Catholic Medical Centers of New York, said his organization asked several questions before choosing a hardware product. They wanted a content advisory with spam blocking and third-party antivirus software to give them two shots and blocking viruses and spam. Software was costly, he said.
As a medical institution, Saint Vincent's compliance with HIPAA patient privacy regulations is imperative. "Five years ago, e-mail was an annoying memo tool, and right now it's a critical system within the health care collaboration system," Greaker said. "There is a very thin line on what is patient-care data. For the most part we would not worry about somebody on purpose sending out patient care data in the malicious sense, but there's always the chance that it's overlooked. That's where you need to protect yourself."