The intrusion of viruses and spam on corporate networks has grown from an annoyance to a costly problem in the U.S., even forcing companies to double up on prevention. In Europe, however, privacy protections may be limiting the spam problem.
Alan Pawlak, security manager at Aetna Inc., is installing antivirus and antispam software from Tokyo-based Trend Micro Inc. Aetna already has antivirus software from Cupertino, Calif.-based Symantec Corp.
Hartford, Conn.-based Aetna has Trend Micro's InterScan software at the gateway to scan incoming e-mails for viruses and spam; the Symantex software is already running and will continue to do so.
"Our belief is that most security products fail eventually, in some way. But when they do, they don't [all] fail in the same way," Pawlak said. The additional cost of a second gateway antivirus product was a "no-brainer," he said.
In Europe, stricter privacy guidelines prohibit the publishing or collecting of personal information, such as e-mail addresses, without the explicit permission of the individual. That may help cut down on the problem, users there say.
Dietrich Schneider, director of technology operation and strategic global integration at Germany's DaimlerChrysler AG, said he seldom sees unsolicited commercial e-mail, commonly known as spam, and it's probably because of the privacy guidelines.
"I've never had any of that e-mail myself," said Ben Krutzen, information management manager at Royal Dutch/Shell Group of Companies in Amsterdam.
Most companies won't enumerate the costs of spam and virus attacks, but studies indicate they are high, at least in the U.S.
Raymond Huff, president of Trans Pacific Stores Ltd. in Lakewood, Colo., said he knows of the cost firsthand. He was forced to take down his network for a day and a half last month after spammers began using him as a relay. After that, Huff deleted all of Trans Pacific's active e-mail accounts and renamed them so that spam would bounce.
In a March report, ICSA Labs found that only 32 of the 300 companies it surveyed were willing to discuss the cost of a virus infection, even anonymously. Among those who did respond, the estimated cost of infections ranged from US$100 to $1 million. Mechanicsburg, Pa.-based ICSA Labs, an independent division of TruSecure Corp. in Herndon, Va., sets baseline criteria for security vendors.
According to San Francisco-based Ferris Research Inc., the annual cost of viruses to corporations is at least $6 billion. Spam attacks are less expensive, said company President David Ferris.
Although Aetna relies on information such as that, it also conducts reality-checking in-house by running analysis on captured viruses to see what effect they would have had on its systems, Pawlak said.