September 30, 2005 By John W. Verity
"At its high point, my staff was spending 10 percent of their time on this," said Mary Jo Horace, director of the county's Department of Office Technology. "The problem kept growing, and we didn't want to get to the point where we were pulling our hair out."
Cook County, second largest in the nation based on population, had taken an aggressive stance through multiple approaches to block spam and viruses, Horace said, citing firewalls and intrusion-detection software guarding the perimeter of the county's network.
Yet as effective as these combined measures were from a purely technical standpoint, they tended to sap resources from other IT projects the department wanted to roll out.
Cook County joined the ranks of other municipal and county governments turning to e-mail protection services to handle the thankless, tedious and increasingly challenging task of nailing spam, phishing attacks and e-mail-borne viruses before they wreak havoc.
Since April 2004, a firm called AppRiver, based in Gulf Breeze, Fla., has screened every piece of e-mail headed to Cook County's elected officials and staff, stopping 98 percent of unwanted messages dead in their tracks, Horace said. Less spam frees up administrative staff time, network bandwidth and mail-server capacity.
Horace said users have not had to change their e-mail habits or make any alterations within the county's intranet. The only change was a simple, one-time tweak of the county's domain name server records to make sure all messages intended for Cook County were redirected to AppRiver's servers.
"Cook County, like most municipal and county governments, has come to depend on e-mail as a vital tool for internal and external communications," she said, noting that the county relies on 11 servers running Novell GroupWise collaboration software.
Now those servers are more spam, worm and virus free than ever. Upon arriving at AppRiver's Tier 1 server complex, each incoming message gets scoured from top to bottom -- its addresses, routing data, textual content and attachments are thoroughly inspected for telltale signs of spamming and malicious programming.
Based on the level of security system administrators set -- using a remote, Web-based console -- the managed servers delete rejected mail or put it into quarantine, safely sequestering it for manual inspection. Administrators can set up white and black lists of "return" addresses, known to be legitimate or not. The servers also shield Cook County's mail setup from hackers who might attempt to harvest all of its e-mail addresses or shut it down entirely by swamping it with bogus messages.
As far as workers behind the county's firewall are concerned, there's no perceivable impact on their mail service. It takes only a second or two for each incoming message to be fully analyzed, and if all's well, relayed to its intended recipient.
"The time delay was a main concern we had," Horace said, adding that extensive testing eliminated this concern.
This kind of mail protection service has caught on with all sizes of corporations and government agencies that have thrown up their hands in the war against spam.
Given budget and manpower constraints facing many IT shops, time and energy previously spent on updating spam-filtering software and chasing virus infections is better spent elsewhere.
A recent survey by Osterman Research found that the use of managed service providers for e-mail security will grow from 16.8 percent of users today to 30.4 percent in two years.