A good spam filtering service is composed of many different features such as an excellent spam detection rate, simplicity of use, outbound scanning, greylisting and, of course, cost.
You also need to take into account the specific needs of your company and the sector that it operates in. While one spam filter might be ideal for one company there is no guarantee it will be perfect for another company.
The best move, at the start of your investment research, would be to compile a list of all the features that you require. Split them into what is vital, what you can do without and what you don’t think you need to invest in at this point in your company’s development. Make sure and take into account potential regulatory fines for allowing a data breach to take place.
You need to have a spam detection rate as close to 100% as possible. A lot of solutions will advise you that they have an excellent spam detection rate of 97%. However, when this is broken down it is a little more of a shortfall than it might sound at first. For example, if you have a large company of 200 workers receiving 100 emails every day then there will be 20,000 emails landing on your email server every day. It has been estimated by cyber security experts that roughly 20 of every 100 emails received will be a spam email. This means that approximately 4,000 emails will be sent to your group every day and, of these, 3% could be delivered if your spam detection rate is 97%. This would mean that there are 120 spam emails landing in a staff member’s email inbox and there is every likelihood that it could infiltrate your servers from there.
There are many different tasks that your spam filter needs to accomplish and, thus, you will have a lot of things to monitor and set up to configure. For this reason the solution that you opt for should be intuitive and straightforward to use. If it is clunky and difficult to manage then the likelihood is that you will miss something and your networks will remain susceptible to attack by cybercriminals.
In order to achieve your goals you need to be able to access and amend spam thresholds, Sender Policy Frameworks, whitelists and blacklists, and recipient verification tools. In addition to this it is vital to be able to further amend these by individual user, user group or company level. This should also be easy to do as small mistakes can have a massive impact on your business.
It is no longer sufficient to just review the emails that are being sent to your staff’s email accounts. It is now most important to scan outgoing email from your server to make sure that nothing that is untoward is broadcast that could result in your domain or IP address being blacklisted. This can happen if an employee falls victim to a phishing scam or inadvertently hand over their log in details to someone without realizing it.
A spam filter for email that features outbound scanning will stop this from happening and ensure that your business does not suffer from not being able to send business critical emails.
If you are being extra careful, which is no bad thing, then Greylisting will be a key feature that you seek. This is a procedure that sends back every email that lands on your email server and asks for it to be re-sent. This method of spam filtering was devised when it was considered that spam email servers operate on such a large scale that they would rarely ever see the request for the email to be resent. This is a key feature to stop spam which is being sent to you from an unrecognised source.
An email spam filter is not something that you should be trying to save money on. It is important to get as much as possible from the solution that you select and to ensure that it meets every single one of your requirements.
The HIPSS Security Rule requires technical safeguards to be implemented to protect against threats to the confidentiality, integrity, and availability of electronic protected health information (ePHI). HIPAA does not specifically mention spam filtering but given the high risk of phishing and malware attacks via email, the lack of a spam filter could be considered a Security Rule violation.
Security experts recommend adopting a defense-in-depth approach to cybersecurity, where multiple overlapping security measures are implemented to block threats. A spam filter is an essential element of cybersecurity defenses, but it is also important to block the web-based component of phishing attacks with a web filter and to provide security awareness training to the workforce.
Cloud-based spam filtering services are quick and easy to implement, usually only requiring a change to be made to the MX record to set up the solutions. Cloud spam filters benefit from almost limitless scalability and are one of the most cost-effective spam filtering options as there is no hardware to maintain and the service provider usually handles all software updates and patching.
Geoblocking is a feature of many spam filtering solutions that can significantly reduce the volume of spam emails. In a spam filter, geoblocking will reject or quarantine emails that come from specific geographical locations, typically countries that have historically been major sources of spam.
We performed some research to determine the prices for business spam filtering services and the cheapest we found was SpamTitan from TitanHQ, which costs $1.08 per user, per month. Vade Secure Predictive Email Defense is $2.27 per user, per month, Proofpoint Email Protection is $3.25 per user, per month, and Ironscales costs $4.00 per user, per month.