Government Technology

Scrubbing E-Mail

September 30, 2005 By

It wasn't the Nigerian oil minister scam, nor was it the endless offers of too-good-to-be-true mortgage rates, cheap Viagra, or low-cost vacation homes. It was simply the escalating waste of precious staff time that prompted Cook County, Ill., to turn to outside help in its battle against junk e-mail and computer viruses.

"At its high point, my staff was spending 10 percent of their time on this," said Mary Jo Horace, director of the county's Department of Office Technology. "The problem kept growing, and we didn't want to get to the point where we were pulling our hair out."

Cook County, second largest in the nation based on population, had taken an aggressive stance through multiple approaches to block spam and viruses, Horace said, citing firewalls and intrusion-detection software guarding the perimeter of the county's network.

Yet as effective as these combined measures were from a purely technical standpoint, they tended to sap resources from other IT projects the department wanted to roll out.

Cook County joined the ranks of other municipal and county governments turning to e-mail protection services to handle the thankless, tedious and increasingly challenging task of nailing spam, phishing attacks and e-mail-borne viruses before they wreak havoc.

Since April 2004, a firm called AppRiver, based in Gulf Breeze, Fla., has screened every piece of e-mail headed to Cook County's elected officials and staff, stopping 98 percent of unwanted messages dead in their tracks, Horace said. Less spam frees up administrative staff time, network bandwidth and mail-server capacity.

Transparent Cleanliness

Horace said users have not had to change their e-mail habits or make any alterations within the county's intranet. The only change was a simple, one-time tweak of the county's domain name server records to make sure all messages intended for Cook County were redirected to AppRiver's servers.

"Cook County, like most municipal and county governments, has come to depend on e-mail as a vital tool for internal and external communications," she said, noting that the county relies on 11 servers running Novell GroupWise collaboration software.

Now those servers are more spam, worm and virus free than ever. Upon arriving at AppRiver's Tier 1 server complex, each incoming message gets scoured from top to bottom -- its addresses, routing data, textual content and attachments are thoroughly inspected for telltale signs of spamming and malicious programming.

Based on the level of security system administrators set -- using a remote, Web-based console -- the managed servers delete rejected mail or put it into quarantine, safely sequestering it for manual inspection. Administrators can set up white and black lists of "return" addresses, known to be legitimate or not. The servers also shield Cook County's mail setup from hackers who might attempt to harvest all of its e-mail addresses or shut it down entirely by swamping it with bogus messages.

As far as workers behind the county's firewall are concerned, there's no perceivable impact on their mail service. It takes only a second or two for each incoming message to be fully analyzed, and if all's well, relayed to its intended recipient.

"The time delay was a main concern we had," Horace said, adding that extensive testing eliminated this concern.

Saving Time

This kind of mail protection service has caught on with all sizes of corporations and government agencies that have thrown up their hands in the war against spam.

Given budget and manpower constraints facing many IT shops, time and energy previously spent on updating spam-filtering software and chasing virus infections is better spent elsewhere.

A recent survey by Osterman Research found that the use of managed service providers for e-mail security will grow from 16.8 percent of users today to 30.4 percent in two years.

| More


Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
McAfee Enterprise Security Manager and Threat Intelligence Exchange
As a part of the Intel® Security product offering, McAfee® Enterprise Security Manager and McAfee Threat Intelligence Exchange work together to provide organizations with exactly what they need to fight advanced threats. You get the situational awareness, actionable intelligence, and instantaneous speed to immediately identify, respond to, and proactively neutralize threats in just milliseconds.
Better security. Better government.
Powering security at all levels of government with simpler, more connected IT.
Cybersecurity in an "All-IP World" Are You Prepared?
In a recent survey conducted by Public CIO, over 125 respondents shared how they protect their environments from cyber threats and the challenges they see in an all-IP world. Read how your cybersecurity strategies and attitudes compare with your peers.
View All

Featured Papers