I had a number of very good conversations with clients yesterday on a trip to the San Francisco Bay Area. In one of those discussions, we focused on email and the fairly blasé attitude that many have toward resolving its problems. Email, after all, is a primary conduit for phishing that can wreak havoc on the financial accounts and networks of companies large and small. Spam, while less of a problem than it was two years ago, still represents 75% of all email traversing the Internet—three out of every four emails! False positives—those valid emails trapped in spam quarantines that might be purchase orders, contracts, customer inquiries and other critical communications—cost organizations at least $200 per user per year.
But email isn’t sexy. IT decision makers aren’t intently focused on improving spam filtering because they’ve heard about it for years and they already have spam filtering solutions in place. They aren’t focused on solving the false positive problem because it’s individual users or departments that bear the brunt of the problem and news of false positives often does not find its way up to an IT decision maker. Phishing is extremely important as a top-of-mind issue—but usually only after a successful attempt has infiltrated a corporate network and allowed the bad guys to access customer records or corporate login credentials or intellectual property.
Social media or mobile or BYOD are much more interesting. They’re new and interesting and more top-of-mind because they’re more critical issues that need resolution yesterday. That said, email deliverability and usability are still important issues that must be addressed. Users in the workplace spend an average of 165 minutes on the typical workday doing something in email, dramatically more time than they spend on social media, text messaging, telephone calls or any other communication or collaboration medium. False positives are a serious problem because time-sensitive and other information end up in quarantines and might not be seen for 24 hours or longer or ever. Spam filtering is still critical because just one phishing attack can bring create havoc in any organization—ask RSA, Oak Ridge National Laboratory or the International Monetary Fund about their sensitivity to a phishing attack.
The bottom line is that email really isn’t sexy—but so what? Email problems need to be resolved.