Preventing unauthorized email issues from hindering an organization

In this expert response, find out how to prevent your organization from sending out unauthorized emails.

Nick Lewis
Published: 17 May 2010

A recent prediction from Symantec Corp. said, "As the economy continues to suffer and more people seek to take advantage of the loose restrictions of the CAN-SPAM Act, we'll see more organizations selling unauthorized email address lists and more less-than-legitimate marketers spamming those lists." Under what circumstances could your organization do this legitimately, and what can you do to make sure this doesn't happen?

This question is as much about ethics as it is about the information security threats posed by sending out legitimate commercial emails. Commercial, unauthorized email has its place on the Internet, but you must protect your organization from crossing the line and becoming a spammer.

Organizations can buy a legitimate commercial email list in several ways. Infosec pros should develop relationships with marketing departments, and integrate themselves into their projects. This doesn't mean constant communication about all of the details, but if there is a question of technology use, the IT department should take action to ensure the information security risk is minimized for the organization. This could mean explaining to the marketing department that using the list they bought on the black market could have negative repercussions, such as reputation loss or being put on spammer blacklists. Companies can also buy or rent a list through legal means, or get access to addresses by sponsoring an event like a seminar or conference and making it clear the participants' contact information is going to be used for marketing purposes related to the event.

Make sure the marketing department is only purchasing lists from legitimate businesses, and scrutinize the terms and conditions under which the email addresses were collected. Then, be sure to honor the original terms and conditions when sending commercial email to the list.

Dig Deeper on Email and Messaging Threats-Information Security Threats

All
News
Get Started
Evaluate
Manage
Problem Solve

Related Q&A from Nick Lewis

What is the best way to write a cloud security policy?

Enterprises new to the cloud can write new security policies from scratch, but others with broad cloud usage may need an update. Consider these ... Continue Reading

What do the top cloud security providers offer in 2019?

Cloud security providers need to play catch-up with the evolving advancements in cloud technology. Find out what the top CSPs offer today and which ... Continue Reading

What are the top cloud security certifications for 2019?

Cloud security certifications serve to bolster security professionals' resumes and boost value to employers. Learn about the top certifications ... Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Information Security experts

View all Information Security questions and answers

SearchCloudSecurity

Research shows cloud security vulnerabilities grow

Recent research shows the number of cloud security incidents are growing. Here are the biggest contributors to the complicated ...

4 necessary steps to evaluate public cloud security

The Capital One hack raised questions about public cloud security. Take these four steps to ensure your data is protected.

What are cloud containers and how do they work?

Containers in cloud computing have evolved from a security buzzword. Deployment of the technology is an essential element of IT ...

SearchNetworking

Compare the leading SD-WAN vendors before you buy

This SD-WAN vendor comparison chart is a useful starting point to get information about SD-WAN deployment options, pricing, cloud...

Cisco faces sales slump amid Chinese tariffs, falling SP revenues

Cisco forecast weak revenue growth in the current quarter, as service provider sales fell and product orders were flat. The ...

The top AIOps use cases in network performance management tools

AIOps use cases in network performance management include automating certain network functions, including traffic analysis. But ...

SearchCIO

Blurring the lines between RPA platforms and APIs

RPA is quickly making itself known in the automation market, but the real game changer is utilizing the technology in an API-rich...

Preparing for a 5G deployment: 5 things CIOs need to do now

Experts discuss the five moves CIOs should be making right now to ensure they are prepared to take hold of 5G as it becomes more ...

New class of cloud security suite promises next-gen protection

Nemertes analyst John Burke points CIOs to a new type of cloud security offering that combines the functions of VPN, cloud ...

SearchEnterpriseDesktop

New Windows vulnerabilities reveal there is no rest for weary IT

The two latest Windows security vulnerabilities reiterate the importance for IT admins to stay diligent when updating and ...

7 questions to ensure UEM supports a Windows 10 migration

The right UEM platform will go a long way in streamlining a Windows 10 migration. Ask these questions to ensure your ...

How to automate Windows 10 imaging with Packer

Windows 10 imaging isn't easy, especially with Microsoft's continuous release model. Here's how IT can use Packer and MDT to ...

SearchCloudComputing

Virtual Instruments expands portfolio with Metricly acquisition

Virtual Instruments added more offerings to its cloud migration and hybrid infrastructure management portfolio with an ...

Potential VMware-Pivotal deal raises opportunities, challenges

VMware is in talks to buy Pivotal for about $1.45 billion in a move that could benefit both companies but also require some ...

What you need to know about Google Cloud Anthos

It's time to learn the foundational concepts of Google Anthos, as well as its seven core components that set it apart from AWS ...

ComputerWeekly.com

How to deploy NVMe flash storage for artificial intelligence

We run the rule over NVMe flash as a storage choice for AI applications and the key decision points in form factor and hardware ...

Google finds that web users log in with compromised credentials

People continue to use passwords that have been breached. Google has proposed a protocol, which could warn them if their ...

Passwordless enterprise already possible, says RSA

The passwordless enterprise is getting easier to attain as the security industry gears up to support a passwordless future, says ...

Dig Deeper on Email and Messaging Threats-Information Security Threats

Related Q&A from Nick Lewis

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.