5 Reminders on Managing Email Infrastructure
Email has become vital part of day-to-day business communications, topping all forms of electronic communication. In 2009, The Radicati Group released an email statistics report, projecting email usage between 2009 and 2013.[1] Here are some of the highlights:
- Corporate users process at least 207 emails per day (2012)
- Employees spend quarter of each day on email and email tasks
- A typical 1,000-user organization can spend upwards of $1.8 million a year to manage spam.
- Annual loss due to viruses for a typical 1,000-user organization will amount to over $158,000.
- 419 billion emails are sent each day in 2012 (507 billion will be sent in 2013)
CSOnline ran a helpful piece today on “How to avoid 5 common email management mistakes.”[2] Their five key points serve as helpful reminders for managing email in a business setting. I’ve highlighted the big ideas below:
1. You must have an active data protection and compliance strategy in place.
Management must support a business-wide acceptable use email policy. This involves understanding and enforcing any compliance issues in relation to your business (particularly important for healthcare and finance). As the same time, employees must be trained and understand the potential threats of targeted attacks via email and the risk and penalties for exposing secured data in emails. In addition to policies, the person or team responsible for email management must have some time of data loss prevention (DLP) system in place that inspects and analyzes outgoing emails to prevent confidential information from leaving network.
2. You must have some active form of anti-spam and anti-phishing solution in place.
Even though spam has been dealt a significant blow, it continues to plague business and personal users. Management must implement technologies that reduce spam and phishing messages. Employees must be trained to respond properly when encountering suspicious emails.
3. If your company is using a cloud solution, make sure the provider can meet all security and compliance issues before signing a contract.
In February, I posted a story highlighting this very problem in the City of Los Angeles when Google failed to meet their security requirements again and again. So even though a third-party cloud provider for email may reduce costs or simplify implementation, you must make sure the provider can meet your requirements and have a contingency plan in case of disaster.
4. Your backup server must be as secure and up-to-date as the primary email server.
Due to the low use of backup servers, some companies have not always kept security and service up to date on those servers. Hackers take advantage of this vulnerability by bypassing the main server and exploiting the backup server. Make sure the backup server is not only up to date but is part of the overall monitoring process.
5. Prepare for transitioning to IPv6.
Even if IPv6 is not on the front burner, it is important to begin developing a transition plan that includes updating any outmoded IPv4 routers and switchers that conflict with IPv6.
[1] Editor: Sara Radicati, Ph.D; Principal Analyst: Masha Khmartseva. “Email Statistics Report, 2009-2013.”
[2] Susan Perschke. “How to avoid 5 common email management mistakes.” CSOnline, May 21, 2012
Source:
