Integrating a piece of technology that will determine which emails are delivered to your end-users and which ones are going to be marked as illegitimate is something that needs to be done carefully, as one law firm found out. The adoption of their spam filtering service helped them stop some of the less desirable emails, but it also blocked the delivery of some rather important messages sent by the United States District Court. The problem, as it turned out, was that the controls were set too tightly and legitimate emails were labeled as spam.
The seamless adoption of a spam filtering service is an important way to eliminate bulk and unwanted emails and a critical step in helping your organization identify dangerous spear phishing attacks; however, the key is that the adoption must be seamless. As an IT professional, you must follow the best practices that go along with implementing this type of technical security control. Ignoring these tips, on the other hand, could cause your company some major problems that result directly from your spam filtering service.
Identify the right product
Cost is often a leading factor when choosing a spam filtering services, but the cheapest offering does not always provide adequate protection. In fact, a low-cost solution can wind up costing more in the long run when you consider the costs associated with spam and phishing attacks. Instead of primarily looking at cost, consider the overall value of your email security solution and base your decision on the technologies used to keep your inbox safe from these threats. At a minimum, spam filtering services should include:
- Real-time content filtering
- Anti-virus scanning that is frequently updated
- The ability to detect spoofed email address
- The ability to protect against your email domains from being spoofed
- SMTP challenge/response
- Sender verification
The vendor, or product, you decide on should also be able to offer you a choice between relying on protection through an appliance that you manage on-site or the same protection through hosted spam filtering services.
Test within your infrastructure
No adoption is going to go well if you don’t thoroughly test everything before going live environment you are currently using. This means that the servers, desktop operating systems and email clients should all be the same as your live environment. Once this is built, start to set up the controls on your spam filtering service and send emails from both inside your test domain, and from outside. You may even want to register those dummy email addresses on different marketing lists or sites where you know they will send spam to see if illicit emails are being stopped. Also, make sure that legitimate email messages are making their way through and that any greylisting or address verification technologies are working properly.
Inform and educate your users
Once you know that your spam filtering service will work within your company’s environment, it is time to inform your users in regards to the new system. Additionally, you need to take the time to educate your users on how to properly use the features that allow them to report a message a spam or add an email address to their personal whitelist or blacklist. You should also take the time to teach them how to identify malicious emails so that if any spear phishing attacks or other harmful emails do make it past your spam filtering service, they will know not to engage with them and who to report them to.
Like any new technology introduced into your company, the adoption of your spam filtering service may encounter some bumps in the road. However, these occurrences will never derail your implementation if you keep these best practices in mind.
If you are looking for a spam filtering service that offers layered protection that just works, sign up for a demo of Sendio’s email solution to see just how easy protecting the inbox can be.