Resilient e-mail infrastructure manages the e-mail information lifecycle

It is no secret that e-mail is widely considered one of the most business-critical communications tools for organizations of all sizes and in all industries. Nor is it a surprise that e-mail is associated with some of the most proximate and pressing security threats to business continuity. These things

Amidst the viruses, worms, Trojan horses, spam and phishing scams we've witnessed in e-mail, now IT administrators have another concern around e-mail: storage of the ever-growing volumes of messages and attachments their organizations send and receive every day. According to a May 2005 report by Osterman Research, 65 percent of organizations consider growth in messaging storage to be a serious or very serious problem - slightly more problematic than spam.

This concern is well founded. Several industry and government laws and regulations stipulate that e-mail must be securely retained and remain readily accessible for legal discovery for specific periods of time.

The problem is, e-mail systems are not designed for large volume storage. Using primary systems such as e-mail servers for long-term storage and archiving of messages is expensive and risky. Experts estimate that e-mail and other intellectual property can consume between 30 and 50 percent of enterprise storage resources. And unless these resources are properly managed, e-mail storage can hurt the corporate bottom line.

Keeping storage costs down and ensuring regulatory compliance requires organizations to develop and implement a system that protects against viruses and other malicious threats, prevents unwanted messages from entering the e-mail systems and automatically moves legitimate e-mails off the e-mail servers to a secure, fully searchable and accessible archive.

Housekeeping

One of the most effective approaches to e-mail storage is to ensure that only relevant e-mail is stored. For that, organizations must be able to reduce the amount of unwanted, irrelevant e-mail that circulates throughout the network to servers and desktops.

Enter spam. Symantec Security Response report states that an average of 64 percent of total e-mail entering corporate networks is spam. It follows, then, that reducing the amount of spam in the enterprise will have a corresponding effect on e-mail storage.

Antispam technologies and solutions already play a vital role in protecting the messaging infrastructures of businesses of all sizes. With constantly updated spam signatures and end-user spam quarantines, these tools enable organizations to offload spam volumes and prevent spam from entering the precious message stores.

When these capabilities are used in combination with antivirus solutions that clean up mass-mailer worms - the most common virus content found in e-mail - these e-mail security solutions can divert or delete a significant amount of unwanted content.

At the same time, organizations must also inspect and protect both active and stored internal mail. It is essential to scan for and stop viruses that attempt to enter through removable media, personal web-based mail, unprotected laptops and other potential vectors. Also, should an attack occur, message stores must be cleaned of viruses to avoid re-infection while periodic cleaning of older and unneeded content helps keep message stores viable.

Clearly, eradicating spam inside the network is an effective way to prevent irrelevant content from burdening primary message stores.

But what if spam could be stopped before it reaches servers and desktops?

Turn down the volume

The first line of defense against unwanted e-mail content can occur outside of the messaging infrastructure. Using new "sender reputation" and "traffic-shaping" technologies, organizations can effectively address the volume of spam at its source, rather than simply relieving the symptoms of it as it traverses the network.

While spam filters analyze individual messages and use the results to separate spam from legitimate e-mail, sender reputation and traffic-shaping technologies pinpoint the source of each e-mail, analyze its behavior over time, and manage the quality of service the sender receives based on how likely it is that the sender is a spammer. Consequently, legitimate e-mail flows quickly while spam is slowed to a trickle. And, as spam backs up on their servers, spammers abandon their attacks on that particular target since their economic model is threatened.

Estimates are that between 60 and 70 percent of incoming e-mail is spam. And testing of sender reputation and traffic-shaping technologies demonstrates that they can provide an 80 percent reduction in overall spam volume before it hits your critical network resources, which translates into a significant reduction in your overall mail volumes.

The benefits of these technologies continue downstream by reducing the load on other antispam solutions as well as on message stores and archives. By removing unwanted content at the earliest point of entry onto the network, organizations save bandwidth, processing power, and storage space.

A retrievable repository

After legitimate e-mails enter the servers, a system that automatically and transparently moves older e-mails to a secure online repository relieves the storage burden from the e-mail servers and creates a fully searchable archive that allows users to quickly and easily locate and retrieve specific messages. A searchable archive eliminates the time and IT involvement previously required to laboriously recover old messages from back-up tapes for individual records, which is not only costly, but often an impractical task. Robust indexing, search and recovery functionality also eases the time and costs associated with producing e-mail records during the legal discovery process. It also ensures compliance with laws and regulations governing the retention, supervision and availability of business e-records. Archiving software that compresses messages and applies single-instance storage technology also preserves costly storage space.

Archiving software also allows companies to manage the e-mail information lifecycle according to their retention policy. This means automatically migrating data from more accessible storage like the archive, to inexpensive tape, as the information is no longer critical to business operations or regulatory oversight.

Achieving higher levels of security and availability around critical information systems such as e-mail has become a priority for organizations across industries. As businesses are tasked with maximizing e-mail's value, controlling its rising costs and reducing vulnerabilities, they require a new, more holistic information integrity strategy that integrates e-mail security with archiving and policy-driven storage management.

With an integrated toolset that takes advantage of proven message protection and accessibility technologies along with new innovations in spam volume control, organizations can maintain a resilient e-mail infrastructure that enhances security, increases availability and boosts profitability.