The Anti Spam Challenge – Minimizing False Positives

Written by CipherTrust

Email is the quintessential business communication tool, so when it doesn’t work like it’s supposed to, business suffers. Anti spam software is designed to protect your inbox from unwanted messages, but unless your system is properly trained even the best software misses the mark and flags legitimate messages as spam. These messages are referred to as “false positives.”

While consumer and ISP anti spam products focus on blocking messages and even consider some false positives acceptable, businesses require anti spam solutions that treat their messages as very valuable. Failing to receive critical messages in a timely fashion can do irreparable damage to customer and partner relationships and cause important orders to be missed, so eliminating false positives while maintaining high anti spam accuracy is paramount to any enterprise anti spam solution.

What causes false positives?

Different anti spam solutions utilize different methods of detecting and blocking spam. Anti spam software typically uses content filtering or Bayesian Logic, an advanced content filtering method, to score each email, looking for certain tell-tale signs of spammer habits such as frequently used terms like “Viagra” or “click here.” Other anti spam solutions reference blacklists and whitelists to determine whether the sender has shown spammer tendencies in the past. A false positive can occur when a legitimate sender raises enough red flags, either by using too many “spam terms” or sending from an IP address that has been used by spammers in the past.

Minimizing False Positives

Although it takes a person only a moment to process a message and identify it as spam, it is difficult to automate that human process because no single message characteristic consistently identifies spam. In fact, there are hundreds of different message characteristics that may indicate an email is spam, and an effective anti spam solution must be capable of employing multiple spam detection techniques to effectively cover all bases.

A comprehensive anti spam approach involves examining both message content and sender history in tandem. By using a reputation system to evaluate senders based on their past behavior, a more accurate picture of their intentions and legitimacy can be discerned, and a solution’s false positive rate can be further lowered. Has the sender engaged in spamming, virus distribution or phishing attacks in the past? If not, the likelihood of their message getting past the email gateway just went up, and the chances of a false positive declined accordingly. If they have, an effective reputation system knows and flags the message.

2005: An Email Compliance Odyssey - Get your enterprise ready to comply with multiple federal information privacy laws

Written by CipherTrust

“The two overarching themes for compliance management in 2005 will be the adoption of best practices and the accelerated focus on and use of IT.” --Gartner Research

Federal legislation targeting the dissemination of private information has forced businesses in every industry to rethink how they communicate. The three primary regulations, the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA) and Sarbanes-Oxley (SOX) affect virtually every aspect of an organization’s information sharing practices, and complying with these laws requires a new approach to communication as a whole. As e-mail has become the most important communication tool for any organization, special care must be taken to ensure that all messages sent or received are within the realm of legally appropriate interaction.

Each of the three primary regulations affects a different area of an enterprise’s communications. The HIPAA and GLBA regulations are similar in scope, but differ in their targeted industries; SOX differs in that it pertains not only to personal information, but also to the integrity of financial reporting data. While the acts differ from one another in their language, they all share one common attribute: stiff penalties for those who violate them.

For email, most vendors have focused on content filtering and encryption technology as a contributor to compliance. While both of these technologies are necessary for ensuring compliance, relying solely on these tools does not provide adequate protection. An effective approach to regulatory compliance must consist of multiple technologies working together to:

  • Accurately detect regulated material
  • Dynamically act to prevent compliance violations in real time
  • Protect not only messages but also users and systems
  • Verify and demonstrate compliance through reporting and integrity checks

Detection

The text contained within an e-mail message must be thoroughly scanned in order to identify terms that could constitute a violation of the law. Dynamic dictionaries of regulation-specific terms must be maintained and common formats such as Social Security and credit card numbers must be identified before the message leaves the e-mail gateway. File attachments present an additional risk, as they can contain libraries of information that must also be handled in accordance with federal guidelines. To neutralize the threat of file attachments, file attachments must be verified based on their encoding, not just their extension. Archives such as .zip files must also be thoroughly scanned in order to evaluate everything contained in the archive.
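The detection steps described above (typing an attachment by its content rather than its extension, scanning inside archives, and matching Social Security and card number formats) can be expressed as the following added Python example, which is not CipherTrust's code. The function names, the size and nesting limits, and the sample attachment are assumptions made for illustration; the Luhn checksum is included to keep ordinary digit runs from being flagged as card numbers.

```python
import io
import re
import zipfile

MAGIC = {b"PK\x03\x04": "zip", b"%PDF-": "pdf"}      # well-known file signatures
ZIP_BASED = {"zip", "docx", "xlsx", "pptx"}          # extensions that are zip containers
MAX_MEMBER = 1_000_000                               # assumed per-file size cap (bytes)
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,15}\b")    # 13-16 digits, optional separators

def luhn_ok(candidate):
    """Luhn checksum: discards digit runs that only look like card numbers."""
    digits = [int(c) for c in reversed(candidate) if c.isdigit()]
    return sum(sum(divmod(d * 2, 10)) if i % 2 else d for i, d in enumerate(digits)) % 10 == 0

def sniff(data):
    """Classify by leading bytes, ignoring whatever the filename claims."""
    return next((k for m, k in MAGIC.items() if data.startswith(m)), "text")

def scan(name, data, depth=0):
    """Return (path, rule, detail) findings for one attachment, recursing into archives."""
    kind, ext, findings = sniff(data), name.rsplit(".", 1)[-1].lower(), []
    if kind != "text" and ext != kind and not (kind == "zip" and ext in ZIP_BASED):
        findings.append((name, "type-mismatch", f"{ext} is really {kind}"))
    if kind == "zip":
        if depth >= 3:                               # assumed nesting limit
            return findings + [(name, "unscanned", "archive nesting too deep")]
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    member = f"{name}!{info.filename}"
                    if info.file_size > MAX_MEMBER:
                        findings.append((member, "unscanned", "member too large"))
                    else:
                        findings += scan(member, zf.read(info), depth + 1)
        except zipfile.BadZipFile:
            findings.append((name, "unscanned", "corrupt archive"))
        return findings
    text = data.decode("utf-8", errors="ignore")
    findings += [(name, "ssn", m.group()) for m in SSN_RE.finditer(text)]
    findings += [(name, "card", m.group()) for m in CARD_RE.finditer(text) if luhn_ok(m.group())]
    return findings

def demo():
    """Constructed sample: a zip renamed to .jpg holding an SSN, a card and an order number."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("customers.txt", "SSN 078-05-1120, card 4111 1111 1111 1111, order 1234 5678 9012 3456")
    return scan("report.jpg", buf.getvalue())
```

Anything reported as `unscanned` has not been cleared; a gateway policy would normally hold such a message for review instead of releasing it.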

Violation Prevention

While identifying compliance violations is the first step in the process of regulatory compliance, detection alone is insufficient. Knowledge of a violation is important, but stopping the violation before it ever leaves the gateway is imperative. A compliance solution that is deployed at the email gateway ensures that no messages will leave or enter the organization without first passing through the appliance. This ensures that the organization is not left exposed to employee error or malicious intent, whether from outside the gateway or within it.
