Friday, 12 August 2016 16:51

Combating Spam: The Whack-A-Mole and Jenga Strategy

Written by


Combating Spam Email in 2016
The Whack-A-Mole and Jenga Strategy

   
Spam email continues to be a growing problem in business. It is expensive and time-consuming. There are a few solutions to spam, but the increasing amount of spam is compounding the problem. The question is not if a spam attack will occur, but when, and how well the target of the hack is prepared. We use the Whack-A-Mole metaphor to describe the reactionary principle of combating spam. Security software writes fixes after an attack, usually in the form of a patch to the current software we have installed to protect us. The Jenga is used to describe the precautionary principle of combating spam. This is partnering with an experienced hosting company and qualified website developer to provide security before hand, and in a preventive manner after the attack.
We provide our clients with website and email hosting. Email and website security are intertwined and both affect the other. Our best practices include both reactionary and preventive principles. Many business owners that choose to self-direct email and websites are unaware of the technical aspects of creating and maintaining a website and email. It is complicated, and getting more so. A hacker’s attack is expensive and time consuming to fix. Most owners do not have the level of expertise to recover from these attacks. Most have to hire outside companies to clean computers, networks and websites of the infected code, hoping with fingers crossed that the website files or computer programs are not damaged, destroyed, or otherwise compromised.
There are two common scenarios we deal with on a weekly basis where business owners get themselves into a dangerous situation.
Scenario One, Website Hosting:
A business owner hires someone with some level of computer expertise, often a photographer, computer repair person, or a graphic designer to design a new website. Because of their inexperience, we call them Fake Internet Professionals. FIP’s always use cheap hosting companies. You get what you pay for, and cheap hosting has little to no technical support. Owners will spend hours on the phone to correct any issues. The owners have every intention of maintaining the website. The problem is that they don’t understand that maintenance also means they need to upgrade the software platform (back-end), not just the content and images (front end). They simply don’t know how to maintain the back end properly. So the website is susceptible to hackers.
Scenario Two, Email Practices:
Most legitimate businesses use a domain address. Many business owners are unaware of the need to protect their email just like locking the office when you leave at night or setting a pass code on cell phones. Two of the easiest practices to implement are spam software in-house, and a no-attachment policy. These are both preventive policies.
1. Keeping the spam software up to date on all workstations with all the security updates from the manufacturer, it’s critical. Most send warnings and notifications that an update is available. Make it mandatory.
2. The second policy is to implement “never-open-an-attachment” and “never-click-on-the-link” email policies. Just delete them, then delete them from the trash, and finally, delete them from the Recycle Bin. Simply deleting the email from your Inbox is not enough.
There are many hi-tech basics that business owners should know and embrace. Below, we pick our top three:
1. Create a few web-based email addresses like Yahoo, Gmail, MSN, (web-based.com), etc.
A. One email address should be used for entering all those free trips to faraway places, a super-duper free e-book or free whatever websites. It is for email that can be deleted and is not important.
B. We suggest another email for any purchases made online, or networking groups, or associations. An email address you can use, but only need to check periodically.
C. A third email address should be the name of your.business: @web-based.com. Never use your business domain email address except for business.
2. Be prepared to create a new domain email address. Email addresses have a shelf life, so don’t get personally attached to it. I had the same email address for ten years, but then it started receiving too much spam and had been added to too many junk mail lists. We created a new one, and it solved the issue.
3. Ease of use usually means open for problems. Ease of use or DIY (Do it yourself) self-directed website generator software means there is a lot of back-end coding. Some common DIY platforms are SquareSpace, Wix, and Wordpress. The more code in these platforms offers more opportunity for hackers to gain access to your website.
More Insight: Cheap hosting companies have thousands of sites on one server. They maintain tens of thousands of servers, both in-house or cloud based. They are not responsible if your DIY website software is not updated and it gets hacked. Most do not have backup capabilities to restore the site if the hackers damage or destroy the website files. These hosting companies are not responsible if viruses are received through emails and these emails damage or destroy your computer or company network and affect all the computers in your business. You are responsible if your company is sending corrupted files and viruses to other businesses. They are only responsible if the server is down.
At the end of the day, the front end of using the Internet is getting easier, thanks to Website templates, drop-n-drag programs, one-click installation and free open-source platforms. The back end, coding, and security continue to get more complicated and specialized. Most FIP’s can’t even transfer a domain, let alone keep a site secure, or recover a site when it is hacked, or a computer is infected with a malicious virus.
Like an insurance policy, be should you know what you have, and the level of expertise. Spam email is getting worse, and hackers are elevating their reach and frequency. They can hack into your website and infect your in-house computer network, which can infect everyone in your professional network/database. Unlike DIY hosting, we manage, monitor and maintain our servers. We can’t stop hacker attacks, but we are prepared for a fight to keep your company data safe and secure. Is your current hosting company and web site service provider similarly prepared?

 

Last modified on Friday, 12 August 2016 17:05
© 2016 Reputatus/Vigilant Corp. All Rights Reserved.