Ten years ago, preceding the dot com bomb, only a handful of organisations had bought email security software. The overwhelming business driver was the growing number of incidents of workers being sacked for using company email to send pornographic material on the corporate email system and highly embarrassing public email gaffes like the infamous Claire Swire case.
The problem was significant enough to spawn a small industry of software providers bent on solving the world’s corporate porn problems. Content control was the key to commercial success; in fact, the embedded technologies for recognising skin colour and form were so advanced they were licensed from ex-military applications designed to detect tank tracks from satellites. Integrated artificial intelligence systems designed to automatically learn an organisation’s confidential information to avoid data loss formed the earliest data leakage prevention systems.
These feature-rich, deep content inspection features were only available due to the underlying Windows operating system’s ability to present the content to the inspection engine. In 2002, however, the technology took an abrupt turn with the arrival of spam.
By 2003 more than 30 per cent of email volume was estimated to be made up of spam and Windows based anti-spam systems ran into trouble. In order to determine whether content is spam, porn or confidential information, you need to write a file to disk or memory. But anti-spam systems based on Windows couldn’t keep up.
Another industry was launched; a much, much larger one — anti-spam appliances. They were pedigree solutions that were very good at performing a specific stated task. Based mainly on Linux and without the file system limitations of Windows, they could write thousands of files for inspection to memory rather than disk, vastly improving throughput.
Spam control became very specialised but was at the cost of broader content control capabilities such as porn and data loss prevention. Since the introduction of appliances, however, one thing hasn’t changed — the relentless growth in spam.
Spam now accounts for more than 90 per cent of overall email volumes but the capabilities of anti-spam appliances have reached their limitations and organizations are increasingly relying on a handful of cloud computing services to solve the problem.
And solve it they have — at least to the extent that spam can credibly be solved. Most anti-spam products and services publish spam capture and false positive rates that are within a percentage or fractions of a per cent of one another. This leveling of the playing field has shined new light on the other thing that hasn’t changed: Companies continue to have problems with Internet porn in the workplace and the accidental leakage of corporate confidential information via email.
Content Control is still an issue and both anti-spam appliances and cloud based security services have failed to solve it. Many organisations have retained their legacy on-premise email security infrastructure specifically to mitigate the risk of content control. The phenomenon is so entrenched that several security vendors have offered an email security cloud computing strategy spruiking a hybrid approach of ‘Cloud for spam’ and ‘on premise’ to solve data leakage and porn problems.
The question begging to be asked here is how much of the cloud computing benefit is lost by the fact that an on-premise piece needs to be maintained to deliver comprehensive email security? I would argue all of it. Cloud computing provides unlimited scalability, 5 x 9 service availability and performance guarantees which are all but made redundant if they are dependent on a component single point of failure on the network. It is the greatest flaw in the email security ‘hybrid’ strategy.
You are always going to be better served with a pedigree solution that allows you to benefit from all of its features caveat-free with service guarantees intact. You need to be able to decommission legacy on-premise email security infrastructure and move all the content control functionally into the cloud alongside your anti-spam and anti virus defense strategy. Your organisation gets to enjoy all the benefits that cloud computing has to offer as well as solving the original problem. Hybrid applications for any technology do little more than expose a glaring deficit in their technology strategy: The benefit gained via the problem they are trying to solve is ultimately defeated by the increased management overhead.
Charles Heunemann is managing director, Asia Pacific operations, at Webroot Software.