Menu
Best practices for implementing messaging security

Best practices for implementing messaging security

User experience is another area to be careful about when implementing enterprise-class products. Users are especially sensitive to changes in their e-mail systems and a critical factor to ensuring the highest user satisfaction is the perception of empowerment. While enterprise-class e-mail gateways have a low spam/virus false-positive rate, the rate will never be zero.

As users detect these false-positives, they will be angered, frustrated and lose trust in the e-mail system as a business tool. The best way to reduce anger and frustration and increase trust is to empower the user to see and handle their own false positives.

In some environments, users may also want to manage their own antispam sensitivity settings and whitelists. This is more likely to be a waste of time in enterprise environments, contributing to a higher "fiddle factor" with little attendant benefit. Buying and managing user spam quarantines for the daily false positive may seem like a poor use of IT resources, but it gives the users a much greater feeling of control over their e-mail flow and thus contributes to better overall satisfaction with the product.

The implementation area to be very concerned about is operational and management costs. Many messaging-security gateways treat themselves as "black boxes," accepting e-mail and either passing it along, deleting it or quarantining it. An enterprise requires visibility into the box, with the ability to identify and track messages quickly and efficiently. In a high-volume environment, this typically requires a separate server or application that can aggregate log files and provide searching and reporting functions to help desk and operations teams.

When deploying a messaging-security gateway, it's critical to have these tools and services running before the gateway goes into service -- because it is when a system is installed that the question of "what happened to my e-mail" is most likely.

As a litmus test, you should be able to answer in less than a minute the question: "What was the disposition of all messages from the company president's son's AOL account last weekend?" If you don't have quick and easy visibility into the black box, you'll end up angered and frustrated yourself, something to avoid in a product designed to protect us and make our lives easier.

Snyder is a senior partner at Opus One, a consulting firm in Tucson, Ariz. He can be reached at Joel.Snyder@opus1.com.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Events

Show Comments