Q&A: E-mail spam and Software as a Service (SaaS) solutions

David Vella is the Director of Product Management at GFI with experience in quality assurance, network administration and software development. In this Q&A he provides insight into e-mail spam and Software as a Service (SaaS) solutions.

Despite an ever increasing deployment of anti-spam technologies, e-mail spam is still going strong. What technology challenges do you face in order to stay on track with the new types of spam?
Although anti-spam technology has improved enormously to prevent junk mail or spam from reaching people’s mailboxes, the industry is pitted against a foe that is at par, if not sometimes a step ahead of those designing spam filtering technologies. This is a cat-and-mouse game in which industry and spammers win some, lose some on a daily basis. Spammers are no longer interested in being a nuisance or looking to boost their egos. Today, they want a slice of a very lucrative underground market selling people’s identities and any other data that can make money.

The question we need to ask is whether the challenge is technological in nature or something harder to control – human nature. No technology is perfect and spammers will do their utmost to use these vulnerabilities to their advantage. However, it is the hard work and ability of anti-spam developers to react fast to new spam types that forces spammers to constantly seek new routes to operate in and methods to use. The challenge for developers is to come up with technology that filters new spam types as they come out and also to anticipate the spammers’ next move. This is the challenge for developers.

But developing technology is but part of the equation. The human element in email communication cannot be ignored. You can have the best anti-spam technologies around but if an end-user clicks on an email that is in the junk mail folder because he or she thinks it is important, then spammers have won another round. User education should be at the top of the list for businesses because spammers know that it is easier to fool a person than it is to bypass a spam filter.

Spam is and will continue to be a problem. It will be impossible to eradicate spam but controlling its effectiveness will depend on:
1. The anti-spam industry developing new and robust technologies as fast as possible to combat the latest spamming trends, thus reducing the effectiveness of the new spam method, and

2. End-users being told how to deal with spam and to treat emails from unknown sources or senders who never used email before (eg. banks) with extreme caution.

Software as a Service (SaaS) solutions are massively gaining in popularity and many are opting for them instead of having software solutions deployed directly. In your opinion, what are the benefits and pitfalls?
Organisations and businesses come to a crossroad as they grow. As the pressures on their IT infrastructures and services increase, most small and medium business (SMB) are faced with the choice of hosting these services in-house or looking outside the organisation to have the job done for them. What are the options for small and medium sized businesses?

Not every business or organisation has the same needs so what is of benefit to one may not be the right solution for the other. There are advantages and disadvantages to using software or hosted services and these are listed below.

Benefits of using software in-house:

1. Total manageability and visibility over data and infrastructure.

2. Processes remain in-house and secure.

3. Software can be configured to suit company’s needs.

4. No 3rd party handling of data.

5. Only authorized people have access – need to know basis.

6. Lower costs and shorter time-frame to achieve Total Cost of Ownership (TCO).

Downside of using software in-house:

1. Multiple packages can be a headache to maintain and update.

2. IT personnel required to maintain network and services.

3. Some systems require in-depth technical knowledge.

4. In the absence of IT personnel, cost of external IT support comes into play.

Benefits of a hosted services:

1. A hosted service provider can achieve economies of scale for the larger companies experiencing rapid growth but with lower capital risks.

2. Providers operate multiple data centers that are physically secure.

3. Companies can utilize the features and functionality of best-of-breed services.

4. Hosting provider can reduce compliancy costs for companies.

5. Pay-as-you-go pricing for these services.

6. Convenience of someone else managing the processes.

7. Unnecessary network traffic is eliminated.

Downside of hosted services:

1. Loss of local control over critical infrastructure

2. Delivery reliability because the service provider is another “hop” in the chain.

3. All data is in the hands of 3rd parties creating a possible security risk.

4. Even though data may be secure, the human element cannot be ignored.

5. Inability to take decisions and implement immediately.

6. Long-term cost may prove more expensive than purchasing a software solution.

7. Lock-in – once you start putting your data in other people’s hands it’s hard to get it out and put it somewhere else without major time and effort.

For many companies, the answer requires a thorough understanding of their business needs and the long-term benefits in term of costs, security, productivity and reliability.

What kind of evolution do you expect when it comes to e-mail spam in the next five years?
Spammers will become more creative and make full use of the technology that will be available over the next few years. Although spammers’ efforts to bypass the anti-spam industry’s filters will continue, they will focus more and more on human behavior and email usage patterns. This is what spammers have been doing over the past few years – and with considerable success – so if the formula is working now, there is no reason why they won’t use it over and over. Spam may look different in five years’ time, but the underlying strategy will not have changed much.