Malware

Apply the D.I.C.E. framework to determine your best anti-spam solution


This blog post is also available in PDF form as a TechRepublic download, which includes the sample Excel D.I.C.E. worksheet.

Everyone hates spam. It fills up your inbox, and you have to waste your time deleting it. If you own your own business, you want to make all of your people as effective as possible by eliminating the distraction of spam. You know you need something to help with that endeavor, but what?

There are countless products available promising to help you with the spam, but which of them is right for you? No one can make this decision better than you. You know your needs, budget, and infrastructure. To make the best decision, you need to consider dozens of parameters and answer specific questions about your needs for anti-spam protection. To help you make this important decision, TechRepublic suggests using what we have dubbed the D.I.C.E. (Difficulty, Investment, Capability, and Expandability) framework.

To help you apply the D.I.C.E framework, we've created a sample Excel worksheet that incorporates the framework described. The worksheet is available in the download version of this document. Enter your weighting for each of the categories in the worksheet and then rate the importance of each category for each product to get an indication of which anti-spam solution you should acquire. To make the D.I.C.E framework spreadsheet available to the most users, we have included an Excel 2003 and an Excel 2007 version of the worksheet in the download.

Difficulty

There are three levels of difficulty you need to look at when trying to choose an anti-spam solution. The first one is how difficult it will be to implement this product. Implementation will vary greatly from product type to product type. You can have a quick solution that will be up and running in under an hour or something that may take a week or more to fully roll out. You must consider the time it will take you to have it up and running.

Another factor is how hard the solution will be to update. Generally, this will be fairly simple, but it's such an important part of the solution that you should know how it works before you choose a product.

The last factor is how hard this solution will be on your users. Will they have to do anything? Will they need training? How will they go about retrieving any false positives that may get marked as spam? You need to know this, as you don't want to choose a solution that creates as much work for your users as the spam you're trying to eliminate used to cause.

Investment

You will probably know how much the product costs and how much you can afford, but there are several other factors that you should consider beyond the initial price. The first is whether you have an annual renewal cost for updates. For your spam product to be effective, it will need to be regularly updated. Most vendors are going to charge a fee (generally annually) for you to continue receiving these updates.

You will also need to look at how long it will take you to get the solution operating at optimal functionality. You may have to let the solution run for a week before it can operate at peak functionality. This will vary from vendor to vendor; some may not even have a time. This is a choice you will need to make.

You will also want to look at the time investment you will need to put into the product. How much time commitment will it take weekly from either you personally or your IT person? If you contract out your IT work, how much more will you have to pay for that person to work with this solution?

Capability

What will your new anti-spam solution do for you? Of course, you want it to deal with your spam problem, but at what level of efficiency are you comfortable with? A couple of very common measures are the percentage of spam blocked and the percentage of false-positives.

The first one is easy to understand. If you have 1,000 spam messages a day, how many will it block? You, of course, want this number as high as possible, but you must also realize that by itself, the number is useless. By simply blocking every message that comes through, you can achieve the same thing.

This is where false positives come in. Every good message (commonly called HAM) blocked by your filter as spam is a false positive. For the percentage of spam blocked, you also need to know the percentage of false positives. You will never get an anti-spam solution that's perfect in either of these respects, but what level of each can you afford?

Expandability

You plan on your business growing. Will the spam solution you choose for five employees now work just as well with 25 users or 50 users? What will you have to do to grow it? Will you have to move it to a new server or upgrade to a different product from your vendor? If you can move up to your vendor's bigger product later, how much will that cost you?

What if you don't increase the number of employees, but instead you double or triple your volume of e-mail? Will the solution be able to hold up? Will it perform at the same level on 10,000 messages a day as it does on 1,000? Also, if you use a client-side product as part (or all) of your solution, will you have any difficulty adding users to the system? Will it see your new users automatically and provide for them, or will it need to be configured for each new user?

Decisionmaking

As you can see, there are many things you will need to consider when purchasing a solution. Not all of these will be as important to you as others. It really is your business, and you should do what works for it. While the information above does not tell you which solution to buy, it does provide you with the information you need to know when considering an anti-spam application.

D.I.C.E. framework

One thing you will notice in going through the D.I.C.E. framework is that I have put no weighting on any of the categories. This is because it is up to you to determine your primary concerns and needs. This is something you should decide before even beginning your search for a anti-spam solution. Once you have that, you can apply the framework in whatever weighted manner you wish.

0 comments

Editor's Picks