3 best practice ideas to stop email blacklisting (part 2)

It is important to realise, no matter how much money you throw at preventing viruses, trojans, malware or spam, it only takes one internal user to click on the wrong phishing email and your network is compromised. You can lessen the chances of these security breaches by spending more money on better software, however the best cure is always prevention through education (See “4 causes of email blacklisting and how to fix it” part one).

If you think you have been blacklisted, read how to remove blacklists first.

Invest in security firewall hardware

The first upgrade you need to fight and manage blacklists is a hardware based security firewall. Sometimes called a security appliance, this device is connected to your switch and acts proactively to remove and isolate security issues.

Most individual PCs have software-based firewalls, which are great for small offices of less than five PCs.  Additionally, most routers have some limited security firewall protection, however, for larger offices with multiple servers, it is a good idea to have a router, switch and a separate hardware firewall.

For multi-site or large offices, here are the most common places to deploy these security firewalls:

  • between main servers and internet
  • between wired and wireless networks
  • between departments where information is extra sensitive
  • between head/branch offices
  • at your extranet to outside vendors
  • between applications and database farms in data centres

Wireless is often the weakest link in a network and any office with more than one server should protect themselves with a network firewall.

At $4,000 to $10,000 for a device, this might be an expensive option for some, but well worth the peace of mind.

Enterprise grade virus protection

antivirusThe second area to upgrade is your Virus/Spam/Malware protection software. There are many very good free versions of software that protect you from anti-virus, spam, malware and trojans, and these are often great choices for less than 5 PCs.

These often give you 95% or better protection per PC.   As your network gets larger and/or your core business relies on the security of your computer information/data, we recommend you invest in a regularly updated system that blocks 99% or better of the known issues.

Rather than only deploying virus protection on individual computers, a centrally managed virus protection system is a minimum for any network with more than five (5) computers.  The centrally managed system can monitor all your PCs and push the latest software to all end-devices.  Trend Micro, Kaspersky and ESET are  typical user systems with 99% protection rate.

Indicative prices for server based protection is $400 per server per year. Additionally, budget to spend $40 per PC.

Invest in a network sniffer

Network Security Appliance

Network Sniffer is a third area of protection which allows you to find the source of the problem quickly, based on a scan of your network for unusual activity.  This PC based Security Appliance (see image) costs around $1800 and is mainly used for monitoring and finding issues.

The network sniffer is a device plugged into your network that monitors traffic from various IP addresses.  This is useful to pinpoint problems in the network such as a user not following the policies or a Trojan that has latched onto your network and is deploying spam emails in the middle of the night.

If you do not have enough money for any of the above, the low cost alternative is to change all user and device passwords every 30 days and/or follow password formats in this article. Be sure to include devices such as scanners, printers and voice systems as these often have passwords.

At best, the above is more about risk mitigation, rather than prevention. In the end, you have to balance the short term and ongoing cost versus the risk of being down. If you have above recommendations in place, problems are more likely prevented upfront. And when problems occur, you have the tools to find and correct in hours versus an ongoing saga over a few days.

Even if you spend lots of money on the latest virus protection, security appliances and filters, if your staff click on a bogus email or website promising them millions of dollars from a distant Aunt in Nigeria, you’ll still get nicked.

References

1. ” Is a Firewall Needed for Routers?”  by Alan Parsons, Demand Media,Houston Chronicle, Small Business.

2. “Firewall vendors revisit core technologies to win market“, by Philip Hunter, 12 August 2013, Engineering and Technology Magazine, Vol 8, Issue 8.

3. To see which anti-virus vendors get a 99%+ rating, go to AV Comparitives website.

4. Sample centralised anti-virus console from ESET

Anti-virus console

Having issues with your blacklisted emails? Chat with a consultant today!