Maximizing Email Security ROI: Stop Spam and Save!Written by CipherTrust
This is first of a five-part series on Maximizing Email Security ROI
In realm of email security threats, costs of spam are relatively easy to recognize. Although most organizations rarely, if ever, take time to calculate their spam costs, they can easily account for losses caused by spam with regards to employee productivity, consumption of IT resources and help desk costs. Harder to measure are less obvious, and potentially catastrophic, costs incurred through legal liabilities and damage to an organization’s reputation that can be caused by an ineffective spam filtering technology.
Spam is much more than a nuisance—it costs corporations in both money and human resources. Understanding your exposure and taking steps to mitigate problem not only saves capital, it can also help lower your exposure to costly litigation and damage to your company’s well earned reputation.
Each spam message that makes its way past your organization’s gateway costs company money. The actual cost of each individual message is miniscule, but with an estimated 80% of all e-mail messages qualifying as spam, constant flood of unwanted messages is of grave concern.
How much time do employees spend dealing with spam, and how much does it cost you? Ferris Group estimates that average employee spends 30 minutes each day dealing with spam, equating to 115 hours per employee, per year. Based on interviews with 82 Fortune 500 companies, Nucleus Research claims average annual cost per employee of dealing with spam is now $1,934. While your costs will vary, it is safe to assume that if you don’t have an effective spam filter, you are wasting thousands of dollars per employee per year to manage spam.
IT Resources Consumed
The costs of spam don’t stop with employee. According to CIO Magazine, “costs include additional e-mail and networking equipment to maintain e-mail service quality, bandwidth costs from unwanted spam data across Internet links, and staff costs to maintain and administer these additional loads.”
Help Desk Cost
The ongoing barrage of spam generates increased calls to corporate help desks due to complaints and technical problems related to bad files, missing information, messages deleted by mistake and virus outbreaks. When a message is erroneously deleted as spam, Help Desk personnel are generally required to search through system backups to retrieve missing email. Viruses and worms, frequently delivered via spam messages, also wreak havoc on Help Desk as users call in for help restoring files and updating signatures. In addition, complaints from angry users tie up resources that could be spent on other issues.
Maximizing Email Security ROI: Part II - Stop Viruses Before They Stop YouWritten by CipherTrust
This is second of a five-part series on Maximizing Email Security ROI.
Across spectrum of information security risks, most casual users understand dangers posed by viruses and worms. Network administrators have even more reason to fear a virus attack, as a successful assault can cripple corporate networks for days. The lasting damage, however, is much more difficult to determine with precision, as residual financial impact of a virus infection extends long after actual attack is over. Lost employee productivity, consumption of IT and Help Desk resources and potential for lost data can all exponentially increase hard costs of a virus attack on an enterprise.
The recent proliferation of new “Zero-Day” virus attacks such as May 2004 Sasser worm, which raced across world in minutes and caused $3.5 billion in damages, has once again brought virus protection to forefront of collective consciences of network administrators and CIOs. Quantifying risks posed by viruses and worms to CEOs and CFOs to justify expenditures on network security, however, can be a real challenge. This week, second installment in The IronMail Insider’s five-part series on maximizing email security ROI will shed some light on how to accurately calculate potential for loss due to virus attack, and more importantly, how to explain that potential to controller of corporate purse strings.
Lost Employee Productivity
Now that email is undisputable primary communication method for most organizations, loss of email due to attack can severely affect enterprise operations. Beyond immediate financial expenses involved in restoring network, an attack on your enterprise email system also directly results in countless lost work hours for employees for as long as network remains inoperable. In addition, time spent by end users contacting help desk resources, waiting for infected workstations and servers to be cleaned, and installing patches and updates will negatively impact company’s bottom line until last workstation has been cleaned and last user has returned to productivity.
Consumption of IT and Help Desk Resources
Bandwidth consumed by spread of a virus or worm slows network speed to a crawl or shuts entire network down at once, and infected workstations frequently lock up due to processing power consumed by virus. After attack, Help Desk employees spend days and weeks cleaning individual workstations, repairing servers and applying patches in hopes that another attack can be avoided, when they should be available to end-users to solve more mundane issues.
Attacks that take down entire networks cause exponentially higher levels of lost productivity than those that take down only individual workstations. According to The Computer Virus Prevalence Survey, in 2003 almost a third of businesses worldwide had suffered a virus "disaster," defined as 25 or more computers infected by a single virus in same incident, costing an average of almost $100,000 to clean up each time. More than three quarters suffered outages that caused a loss of productivity, and two thirds indicated that a major effect of an attack was to make a PC inaccessible.