Scott Larsen has taken great pains to be able to sleep at night, confident that the e-mail systems at his workplace are being maintained and that the wall separating those systems from spam and phishing attacks still stands.
But, as at many organizations, the wall guarding the e-mail systems at Larsen's company-travel agency Groople-is constantly under siege, with the attacks getting more brutal.
"As Groople has grown, I have seen the volume of e-mail-based attacks skyrocket," said Larsen, the company's manager of IS. "It soon overburdened our e-mail gateway, and I was forced to implement new systems and software to handle the huge increase."
Vendors and enterprises alike are faced with a new e-mail threat landscape, where spam is increasingly laced with malware and targeted attacks have become more common. IT pros have a lot to consider-both in terms of technology and best practices-as they deal with the growing e-mail security challenge.
According to Larsen, Groople grapples with about 1 million e-mails each month, 76 percent of which are either blocked by Trend Micro's Network Reputation Services or quarantined as spam. About 5 percent of spam messages get through to Groople in-boxes, he said.
To avoid this messaging traffic overburdening the network, the company went to a load-balanced e-mail gateway environment earlier this year. Larsen said he made sure security was woven into the gateway's fabric.
"Our entire e-mail infrastructure is architected in conjunction with our security infrastructure ... to maximize the use of multiple layers of protection," Larsen said. "An attack must make it through several separate layers to get onto a user network. Any company that looks at e-mail as simply a business tool is blind. E-mail is a significant security threat to all businesses and should be addressed aggressively."