Email compliance is an often neglected corporate expense, even with spam at an all-time high in corporate emails. Shockingly even higher than that of personal email providers such as Yahoo (the most notorious one since Hotmail cleaned up its act), Gmail, Hotmail, and Gmx. But if you stop and dissect this, it makes sense.

Conglomerates like Google and MSN have put in place powerful spam filters used worldwide in all their subsidiaries. For considerably smaller organisations of 1000 and less, the cost-effectiveness of purchasing an expensive logic-based email security program with a growing blacklist may not make financial sense to them.

This decision is often made by management, which may or may not have any technical knowledge of how spam can damage your infrastructure. As spam becomes more advanced and potentially malicious, it falls to those in the IT department to remind the decision-makers once again how critical securing our email is. After all, when the blame comes, we always get it. :p

Effective security programs, such as BorderWare's Email Security, Compliance, and Anti-Spam solution, need to provide at least the following:

- Content Filtering
- Attachment Scanning
- Compliance Dictionaries
- Encryption
- Audit & Reporting
- Policy Controls
- Redundancy & Clustering

It is essential to filter content (particularly malicious content which can come wrapped in seemingly innocent image and html files nowadays, in addition to the old school exe files). Hence an effective solution must provide at least attachment scanning as well.

More effective are compliance dictionaries and encryption for your and your organisation's own security. Having a white list and black list helps to an extent, but these must be set and maintained organisation-wide by the security administrator.

Having worked in an IT department where security was much needed and not adhered to very well, I realise policy controls will go only so far and attempts at education moot if users are unable to comprehend the extent of damage their clicking on one file containing a worm can cause. Similarly, the security team needs to read the audits and examine all reports frequently, or slippages will simply be missed.

Whether you are an individual concerned about your email security, or an organisation looking to protect your assets regardless of organisation size, get an effective security solution now. Here is one to consider: BorderWare's suite of Internet security programs. Their trademarked (or trademark-pending) and award-winning solutions provide state-of-the-art security for organisations of all sizes.

This post on email compliance was kindly sponsored by BorderWare.

Technorati: BorderWare, email compliance, email security, secure communications