Law firm Simpson Grierson has found a solution to its spam problems through a managed security service provider.
The firm first tried to manage spam internally, but “never felt it had the problem under control”, says information services director Valerie Fogg.
“We tried all sorts of tweaks. It was taking up a lot of time internally.”
Simpson Grierson was struggling to find a viable solution it could trust and not require hours of administration. False positives — valid emails that are incorrectly treated as spam — were a real problem, Fogg explains.
“False positives are really serious for us,” she says. “If instructions from a client are lost it could have serious implications.”
Users would have to check their quarantined spam messages each day. Fogg says when considering a change to a managed service, she needed to be comfortable with the management of these false positives.
Service provider MassageLabs came to the party on that need. MessageLabs’ vice president for the Asia Pacific, James Scollay, says the company provides a service level agreement (SLA) guaranteeing no more than one in 333,000 messages is falsely identified. Scollay says the SLAs are backed by “commercial terms” and are set aggressively.
“SLAs are a core feature,” he says.
Fogg says with the in-house system, there was always a proportion of spam messages getting through. Each user would receive six or seven “obvious” spam messages a day, she says. This would annoy users, but since outsourcing calls from users about spam have “completely gone away”, she says.
Scollay says there is now less chance a message will be incorrectly blocked than there is of a Partner pressing “delete” by mistake.
“The quarantine feature is the most underused feature we have,” he says. “Less than 5% of users check quarantine because they don’t need to.”
Fogg says the savings from the changes are hard to quantify, but she estimates two hours a day are saved in the IT shop. On top of that, users are saving time as well and, given the users in a law firm compete for billable time, that’s a “huge issue”.
MessageLabs also provides internet filtering services, but Simpson Grierson has not implemented that as yet. Fogg says this is because filtering traffic is international and Telecom charges one rate for local data traffic and another higher rate for international traffic.
“It’s one of many issues Telecom needs to improve on to get the competitive offerings companies overseas get,” she says.
She says overall the managed security service approach has meant a reduction in risk for Simpson Grierson because nothing gets on to the firm’s internal systems.
Scollay says MessageLabs’ major international competitors are Postini and Frontbridge. The first was bought by Google and the second by Microsoft. In New Zealand, Auckland-based start-up SMX (Computerworld, February 25) also provides managed spam services.
Adrian Dominic Ho, research manager for managed services and enterprises networks at analyst firm IDC recently told CIO Asia that in the past spending on managed security had been a bit like an insurance policy.
“This mindset has changed as enterprises realised that the threats out there are real but, more importantly, the chronic shortage of skilled security professional has made the need to adopt managed security services even more compelling,” Ho said.
He added that the recent flurry of managed security product launches, acquisitions and partnerships, demonstrate that providers are battling for a bigger slice of a fast growing market.