Should Archiving Be Part of Your Security Strategy?

Osterman Research has just published Content Archiving Market Trends, 2010-2013, an in-depth analysis of the market for electronic content archiving.  Among the things we examined in that study was the role of anti-spam capabilities as they relate to archiving.  Here’s some of what we found:

  • One-third of mid-sized and large organizations archive all email, including spam, for fear that their anti-spam system might generate false positives and thereby filter out valid email that should be archived.
  • Nearly two-thirds of these organizations believe that being able to filter spam from archived search results is important or extremely important.

These results raise two important questions:  first, do anti-spam capabilities need significant improvement so that false positives are much less of an issue than they are today; and second, should archiving be part of an organization’s security strategy?

The short answer to both questions, of course, is yes.  While there are a number of very good anti-spam solutions available, not all of them are created equal.  Some solutions generate a relatively high number of false positives, meaning that some valid email ends up in spam quarantine where it is invisible to an archiving system.  Users can usually get into the quarantine and flag these false positives appropriately, but that doesn’t always happen, either because users miss these emails among the mass of true positives or because they are not allowed into the quarantine because of IT department policies.  In an interesting meeting with BoxSentry recently, I saw some interesting stats on the efficacy of various anti-spam solutions on the market and noted the wide variability in their false positive performance.  BoxSentry’s goal is to get as close to 1 in 400,000 false positives as they can, a target that was established by a Gartner analyst a couple of years ago.

For the second question – should archiving be part of an overall security strategy – there’s no doubt that it should be.  Archiving is a critical best practice, notwithstanding the fact that most organizations today do not truly archive their email or other electronic content.  Even so, as organizations do choose to deploy electronic content archiving, they must seriously consider its ramifications for their security architecture and vice versa.  It’s important that an anti-spam system not be permitted to remove valid email from the data stream reaching users without the opportunity to archive that content at some point.