"At its high point, my staff was spending 10 percent of their time on this," said Mary Jo Horace, director of the county's Department of Office Technology. "The problem kept growing, and we didn't want to get to the point where we were pulling our hair out."
Cook County, second largest in the nation based on population, had taken an aggressive stance through multiple approaches to block spam and viruses, Horace said, citing firewalls and intrusion-detection software guarding the perimeter of the county's network.
Yet as effective as these combined measures were from a purely technical standpoint, they tended to sap resources from other IT projects the department wanted to roll out.
Cook County joined the ranks of other municipal and county governments turning to e-mail protection services to handle the thankless, tedious and increasingly challenging task of nailing spam, phishing attacks and e-mail-borne viruses before they wreak havoc.
Since April 2004, a firm called AppRiver, based in Gulf Breeze, Fla., has screened every piece of e-mail headed to Cook County's elected officials and staff, stopping 98 percent of unwanted messages dead in their tracks, Horace said. Less spam frees up administrative staff time, network bandwidth and mail-server capacity.
Transparent Cleanliness
Horace said users have not had to change their e-mail habits or make any alterations within the county's intranet. The only change was a simple, one-time tweak of the county's domain name server records to make sure all messages intended for Cook County were redirected to AppRiver's servers.
"Cook County, like most municipal and county governments, has come to depend on e-mail as a vital tool for internal and external communications," she said, noting that the county relies on 11 servers running Novell GroupWise collaboration software.
Now those servers are more spam, worm and virus free than ever. Upon arriving at AppRiver's Tier 1 server complex, each incoming message gets scoured from top to bottom -- its addresses, routing data, textual content and attachments are thoroughly inspected for telltale signs of spamming and malicious programming.
Based on the level of security system administrators set -- using a remote, Web-based console -- the managed servers delete rejected mail or put it into quarantine, safely sequestering it for manual inspection. Administrators can set up white and black lists of "return" addresses, known to be legitimate or not. The servers also shield Cook County's mail setup from hackers who might attempt to harvest all of its e-mail addresses or shut it down entirely by swamping it with bogus messages.
As far as workers behind the county's firewall are concerned, there's no perceivable impact on their mail service. It takes only a second or two for each incoming message to be fully analyzed, and if all's well, relayed to its intended recipient.
"The time delay was a main concern we had," Horace said, adding that extensive testing eliminated this concern.
Saving Time
This kind of mail protection service has caught on with all sizes of corporations and government agencies that have thrown up their hands in the war against spam.
Given budget and manpower constraints facing many IT shops, time and energy previously spent on updating spam-filtering software and chasing virus infections is better spent elsewhere.
A recent survey by Osterman Research found that the use of managed service providers for e-mail security will grow from 16.8 percent of users today to 30.4 percent in two years.
Outsourcers contend they protect mail more effectively than in-house approaches because their technical staff members include experienced specialists who live and breathe spam- and virus-fighting. These people make it their business to keep up with new system vulnerabilities and proposed countermeasures.
Such talent is quite scarce these days, and even large corporations can't afford to hire full-time specialists. Best of all, the customer retains complete control. Even though its mail filtering is now handled outside the firewall, Cook County has a real-time view into the service, Horace said.
"We get a report every day on what spam and viruses have been blocked," she explained. "And we can look at a Web page to see live reports about special virus alerts."
The reporting also helps Horace improve the department's operations.
"I can see the activity for each user and see the main person receiving spam," she said, adding that employees seen as targets of unusual volumes of junk mail may be asked to attend educational classes where they can be made aware of the risks that arise from answering unsolicited mail, filling out forms on the Web and participating in Usenet forums.
As IT managers know only too well, no e-mail security setup is 100 percent effective. Spammers, phishers and virus-writers are always refining their tactics and devising new scams, which means that constant vigilance among end-users is an organization's best defense.
"We go that extra step," said Horace.
