A Thing
The Green SheetGreen Sheet

The Green Sheet Online Edition

October 22, 2007 • Issue 07:10:02

Dam spam with secure e-mail

By Michael Petitti
Trustwave

You are sitting at your desk when you hear a bell indicating an e-mail has landed in your inbox. It could be a note you've been waiting for all day or a new client, perhaps. But instead, the document looks something like this:

  • 75% off (insert brand-name medication) when you order online!

  • !!!gEt y0ur free (insert hip new technology product that wouldn't possibly be given away) NOW!!!

In the beginning, the appearance of these exhortations in your inbox was a minor annoyance. But when the amount of junk mail received daily tripled in size, it became a battle.

According to a study by Spam Filter Review, 40% of all e-mail in 2006 was considered unsolicited. At a business with 1,000 employees, 2.1 million spam e-mails are received annually. In 2001, spam merely trickled, constituting 5% of all e-mail. Now, we're submerged.

The continued increase in spam volume presents an opportunity for you, as enterprising ISOs and merchant level salespeople, to understand that security will, if it hasn't already, become the No. 1 priority for merchants who accept payment cards.

Reselling a secure e-mail service that scans for spam and associated malware will expand your offerings to include a solution to a problem experienced by every merchant, every day.

It will also distinguish them as a trusted entity that understands data security concerns and productivity issues. Every person receives some e-mail spam.

With e-mail being the preferred method of communication in today's business world, spam is ubiquitous and hinders productivity everywhere - if only because of the time it takes to determine a message is unsolicited and delete it.

But that's only the beginning. Spam clogs cable, slowing network traffic and possibly overwhelming an e-mail server until it is forced out of service.

Threat levels heighten

Spam serves as a hackers' courier for delivery of viruses, worms and other malware that are ever more cleverly disguised. These programs can commandeer a machine, allowing a user to send commands to the computer from a remote location.

These computers are referred to as zombies, and a network of them can send millions of e-mails in a short amount of time without the computer owner's knowledge.

Malware can also lead to the theft of cardholder data from a merchant's network. In Trustwave's investigations of more than 325 cases of payment card compromise, it finds malware is the most common method by which a hacker gains access to a merchant's payment system to steal cardholder data.

Keep in mind the vast majority of these cases occur with merchants whose only acceptance of credit cards occurs in a card present environment.

Make security a priority

As has been emphasized throughout this series of columns, the threat of payment card compromise and mitigation efforts such as the Payment Card Industry (PCI) Data Security Standard (DSS) are having a profound effect on the payments industry.

More and more merchants are learning about protecting cardholder data and complying with the PCI DSS.

As a result, merchants have more security-related questions. They are beginning to demand solutions designed with data protection in mind and offering associated data security services and products.

Reselling Unified Threat Management (UTM) appliances and Extended Validation (EV) SSL certificates is helpful.

To offer merchants a cost-effective solution to spam's onslaught, you can resell a secure e-mail solution designed with the payments industry's requirements in mind.

This can both widen your revenue stream and show merchants that you truly keep their needs in mind.

E-mail security technologies on the market help combat spam and associated threats in a number of ways.

First, these solutions ensure that every message sent to an organization is clean before it enters the network to ensure that the protected network isn't bogged down with e-mail.

In addition, users of these solutions can rest easy knowing their network is protected from viruses, worms or other malware that could lead to a breach of their payment system. end of article

Michael Petitti is Chief Marketing Officer of Trustwave and is responsible for all of the company's marketing initiatives. He serves on the Merchant Risk Council's board of advisers and on The Green Sheet Inc. Advisory Board. Call him at 312-873-7291 or e-mail him at mpetitti@atwcorp.com

The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

Prev Next
A Thing