Spam, or unsolicited email, affects businesses of all sizes. However, for the small business a flood of unwanted emails causes additional problems not experienced by larger firms with big IT departments.
As a company grows, the size of the IT department increases in a similar ratio. Therefore IT groups in small companies are typically small. These employees, by virtue of their small number, have to be aware of all the problems and of course all the solutions - whether it be how to change a printer toner cartridge, install the latest PDA for the MD or indeed how to stop spam.
Unfortunately managing spam is not a set and forget issue - yet. Software is continuing to evolve to make the management process easier, but to really get the best of an anti-spam solution there may be some occasional steps the systems administrator needs to make to keep on top of the problem.
You may ask ‘why is this so?’ Surely spam is spam and it’s easy to spot… it’s always about Viagra so lets just block any emails with the word Viagra.
If that were the case then it wouldn’t be the problem it is today. As with viruses, the authors look for ways to subtly change the messages so that it doesn’t look like spam. For example, by changing the spellings so that Viagra becomes v1agra, and sex becomes sexx. To the human eye we can make the connection but to the computer the words are different. Only sophisticated analysis software will identify and block this kind of spam.
Another complication lies in defining spam – after all one company’s spam could another’s legitimate email. A small company still needs the flexibility to be able to control what messages are coming through. Simply blocking messages relating to mortgages and loans, which is another typical class of spam mail, won’t help an independent financial consultant.
So what happens when spam actually arrives in our inbox? Several surveys have shown that more business people actually open spam than many would care to admit, which highlights that even in a business context, no one is immune to the spammer’s trickery.
The trouble is, spammers aren’t the intellectually challenged morons that the average law abiding internet user would like to believe. Not only do they manage to stay one step ahead of increasingly sophisticated anti-spam technology, they also know exactly which buttons to push and can make the poor recipient just curious enough to open that email.
One of the biggest issues that face the small company is the human costs and issues. If spam messages get through to the desktop, employees will spend time reading and deleting them. Though this process may only take a small amount of time for each email, but multiply that by the number of messages per day and the number of working days in a year and you get a very interesting cost of ownership.
Then there is the additional risk that spam may contain offensive material, as found in some of the spam messages promoting pornographic pay-per-view web sites. There have been numerous cases whereby employees have felt uncomfortable about receiving these and over time have left their jobs. In the cases where employees have asked company management to do something about it, and nothing has been done, then in a number of cases, the employee has sued the employer for constructive dismissal.
Although many small businesses do not have significant resources for IT administration, it is essential that staff are educated on email and web usage and associated security threats – of which spam is only one.
By establishing email and web usage policies and enforcing these with the appropriate email and web security systems, small businesses can reduce the associated risks of spam and other threats.