December 11, 2016

12 Reasons to Deploy Email Monitoring

(LiveHacking.Com) – With all of the effort email administrators put into monitoring their email servers for utilization, disk space, and error logs, they may be overlooking some of the most important information they can get out of their email system – how it’s actually being used. Companies that implement email monitoring quickly find a wealth of useful information about how employees are actually using email to perform their jobs, or in some cases, instead of performing their jobs. Using email monitoring is much like using web monitoring. It provides insight into patterns and behaviors, identifies trends and issues, and can even support compliance efforts.12 Reasons to Deploy Email Monitoring

Here are 12 important reasons why you should deploy email monitoring on your network:

  1. See who users email the most time to identify patterns and efficiencies.
    This will let you know who communicates with whom, to ensure the right people are interacting with one another.
  2. Learn who the key contacts are for each user or role.
    If a job transitions to another user, it can help them quickly get up to speed on the primary contacts they will have.
  3. Discover which customers or vendors need the most attention.
    This is a great way to head off customer satisfaction issues early.
  4. Identify the customers most likely to provide good referrals to others.
    Those who receive the best communications are likely to be the most satisfied.
  5. Identify the users spending excessive time on personal email.
    Sending emails to traditional personal accounts (Hotmail, Gmail, Yahoo, etc.) is a pretty good indication that they are not communicating with your customers unless you are a consumer-focused business.
  6. Measure response times to customer emails to be sure they are getting answers when they should.
    You should have standards for response times, and this will let you confirm your employees are meeting those commitments.
  7. Confirm that the help desk is replying to users within their SLAs.
    Users tend to call the help desk because they don’t get responses to emails quickly enough. Knowing just how long it takes to get a response helps identify staffing or performance issues.
  8. Find the mail hoarders so you can work with them to purge email, or charge them for the excessive space.
    Disk space is a limited commodity, and departments that use excessive amounts either need to be brought into compliance, or charged for the usage.
  9. Ensure that your email system isn’t being used as a file server, and that attachments are business-related.
    Email is a convenient way to trade files between users, but it places increased demands on server resources. See just how much space is being used, and ensure it’s not for MP3s and videos.
  10. Make sure customers aren’t emailing inactive or deleted accounts so you don’t miss any opportunities or leave customers thinking they are being ignored.
    An unanswered email is a good reason for a customer to contact your competition next. Identifying inactive accounts that customers still email makes sure someone responds.
  11. Ensure email communications use professional and appropriate language.
    Every email an employee sends represents your organization, so you want to be sure communications are sent in a professional manner without profanity or slang.
  12. Make sure users aren’t forwarding emails to personal accounts or the competition.
    Finding emails going to competitors helps stop the loss of intellectual property.

An email monitoring solution will show you how your users actually use your email system, where communications channels exist, and whether or not any compliance issues exist. It’s the next level of email management and an extremely valuable source of information.

Editor Note: This guest post was provided by Christina Goggi on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. Learn more about the benefits of using email monitoring.

Disclaimer: All product and company names herein may be trademarks of their respective owners.

6 Ways to Optimize Your Spam Detection Mechanism

(LiveHacking.Com) – Spam is a scourge that causes several problems for most organizations and therefore needs to be stopped before it reaches the users’ mailboxes. Luckily, there are various types of anti-spam filters to suit different types of organizations; however, it is important to understand that spam detection can be quite tricky. If the configuration is wrong, valuable emails will be incorrectly classified as spam. You therefore need to ensure your anti-spam filter is configured correctly to avoid as many false negatives as possible and without creating false negatives as well.

So how would one go about configuring spam detection?6 Ways to Optimize Your Spam Detection Mechanism

In order to have an effective spam detection mechanism, you can use various techniques. Different products might provide a combination of these technologies but it is important to understand what they are in order to be able to configure each one effectively.

1. Bayesian Filtering:

Bayesian spam filtering is an advanced way for a computer to determine whether an email is spam or not. Bayesian filtering is a system that through training can “learn” to distinguish between spam and legitimate emails. It does this through a statistical analysis of what words one expects to find in a legitimate email and not in spam. To do this, Bayesian filters need to be trained using legitimate emails and spam. Some products offer automated updates and allow the customer to do their own training. Having vendors do the training is advantageous due to the wider range of samples that the training is based on. It is hard to gauge the rate of false positives and false negatives this method can cause. The strength of this method is based entirely on the quality of the training and how typical the spam or legitimate email being checked is.

2. Databases:

Some anti-spam filters include databases of known spammers, open relays and spam emails. These databases have a variety of uses – from recognizing spam email, to recognizing other harmful content in emails such as links to malicious and phishing sites.

3. DNSBL:

DNSBL (DNS Blacklist) is a service offered by some organizations that provide a database of known spammers, open relays and zombies sending spam. Accuracy is dependent on the classification systems used by the service provider. While they’re generally quite good, these systems are sometimes accused of being too strict and thus causing some false positives.

4. Email Analysis:

There are a number of ways to analyze an email and be able to determine if it is spam or not. Some software might check that the headers are crafted correctly, for example if the emails are being addressed to whoever the email is claiming to be addressed to, while others might look for specific keywords. Accuracy can vary but you can expect that keyword-based anti-spam detection will have a higher than normal rate of false positives.

5. Greylisting:

Greylisting is a process whereby an email that arrives at your mail server from an unknown sender, is initially rejected. This will make a legitimate mail server retry again after a delay; if legitimate, the email will be accepted. In many cases the software used by spammers will not try again if the first attempt failed. Provided the mail server sending the email is properly configured, there is no chance of false positives with this method and a minor chance of false negatives should a spammer specifically cater for such scenarios.

6. Sender Policy Framework (SPF):

SPF works by having domain owners specifying what hosts are authorized to send email from the specific domain. If the host sending the email is an unauthorized source, it is marked as spam. This method can cause false positives if a legitimate user sends an email from an unauthorized location, such as a mobile phone.

Knowing what the major spam detection mechanisms are and to what extent they may create false positives are, will help you take an informed decision on how to choose and configure an anti-spam filtering solution.

Editor Note: This guest post was provided by Emmanuel Carabott on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. Read more on what your anti-spam filter should include.

Disclaimer: All product and company names herein may be trademarks of their respective owners.

Damage limitation: Mitigating exploits with Microsoft’s EMET

Security vulnerabilities in applications have become an everyday problem. Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) activates extra protection mechanisms included in recent versions of Windows, which are able to frustrate many attacks. However, getting the configuration right can sometimes be harder than you might think.

Source: [TheHSecurity]

Read the full article here.