Preventing unauthorized email issues from hindering an organization

In this expert response, find out how to prevent your organization from sending out unauthorized emails.

Nick Lewis

A recent prediction from Symantec Corp. said, "As the economy continues to suffer and more people seek to take advantage of the loose restrictions of the CAN-SPAM Act, we'll see more organizations selling unauthorized email address lists and more less-than-legitimate marketers spamming those lists." Under what circumstances could your organization do this legitimately, and what can you do to make sure this doesn't happen?

This question is as much about ethics as it is about the information security threats posed by sending out legitimate commercial emails. Commercial, unauthorized email has its place on the Internet, but you must protect your organization from crossing the line and becoming a spammer.

Organizations can buy a legitimate commercial email list in several ways. Infosec pros should develop relationships with marketing departments, and integrate themselves into their projects. This doesn't mean constant communication about all of the details, but if there is a question of technology use, the IT department should take action to ensure the information security risk is minimized for the organization. This could mean explaining to the marketing department that using the list they bought on the black market could have negative repercussions, such as reputation loss or being put on spammer blacklists. Companies can also buy or rent a list through legal means, or get access to addresses by sponsoring an event like a seminar or conference and making it clear the participants' contact information is going to be used for marketing purposes related to the event.

Make sure the marketing department is only purchasing lists from legitimate businesses, and scrutinize the terms and conditions under which the email addresses were collected. Then, be sure to honor the original terms and conditions when sending commercial email to the list.

This was last published in May 2010

Dig Deeper on Email and Messaging Threats-Information Security Threats

All
News
Get Started
Evaluate
Manage
Problem Solve

Related Q&A from Nick Lewis

What are the benefits and challenges of cloud penetration testing?

Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help ... Continue Reading

How can companies prevent and respond to island hopping attacks?

Island hopping attacks create enterprise risk by threatening their business affiliates. Here's how to create an incident response plan to mitigate ... Continue Reading

What are the best criteria to use to evaluate cloud service providers?

Many cloud providers are tight-lipped about internal security control details. Learn how to evaluate cloud security providers with certifications and... Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Information Security experts

View all Information Security questions and answers

SearchCloudSecurity

How to build and maintain a multi-cloud security strategy

When using multiple cloud service providers, it's critical to consider your enterprise's cloud scope and the specifics of each ...

Why CASB tools are crucial to your cloud security

CASB tools have gained traction as cloud security becomes more important. Among other features, a cloud security access broker ...

Complexity requires new cloud-based patch management strategies

Patch management for cloud creates new challenges than traditional in-house programs. Expert Dave Shackleford presents patch ...

SearchNetworking

SD-WAN vs. VPN: How do they compare?

When it comes to comparing SD-WAN vs. VPN services, enterprises choosing between the technologies should consider factors like ...

How does 5G network slicing work, and what are the benefits?

5G network slicing promises the delivery of a new generation of high-speed services, including the transmission of 4K and ...

Cisco CCNA practice test: Try these 20 exam questions

Use this CCNA practice test as study material to prepare for the Cisco CCNA Routing and Switching 200-125 exam. With 20 questions...

SearchCIO

Home Depot CIO promotes in-house tech boot camp

For companies having trouble finding qualified IT professionals to hire, the solution may be closer than you think. Just ask Home...

CIO presentation to the board of directors: Candid tips from CIOs

Board presentations can be scary. The good news is CIOs can't go too wrong in a climate where boards are desperate to learn about...

Edge computing use cases must be driven by business value

For Schneider Electric and many other large enterprises that take a look at edge computing projects, the main criterion for ...

SearchEnterpriseDesktop

DaaS may encourage organizations to adopt Macs and Chromebooks

New options for delivering remote Windows apps in the cloud, combined with the maturity of SaaS apps, Chromebooks and Mac ...

Zoho adds new Zoho One features, management application

Zoho One customers can now make phone calls using Zoho's telephony platform, extend provisioning through custom apps and use the ...

4 steps to check application compatibility with Windows 10

Before a Windows 10 migration, IT admins should make sure all applications are compatible with the new OS. Here are four steps to...

SearchCloudComputing

Oracle Cloud Infrastructure SVP shares competitive strategy

Former AWS engineer Clay Magouyrk was one of the first people Oracle hired to build OCI and says Oracle has plenty of time -- and...

Zenoss automates transition to cloud-based IT monitoring

In an effort to improve the user experience while transitioning from on-premises to cloud-based monitoring, Zenoss has added new ...

How to modernize apps as part of the cloud migration process

Take stock of your applications and modernize them where appropriate as part of a cloud migration. Learn about the benefits of ...

ComputerWeekly.com

Government looks into digitising cultural collections with AI

A government report and trial investigate possibilities around mapping and connecting digitised cultural material with emerging ...

Drive for Nordic datacentre transformation

Nordic enterprises looking to spread abroad are outsourcing datacentre IT in cutting-edge ways to gain international advantage

Google pairs ‘record-breaking’ green energy deal with European datacentre expansion commitment

Google CEO Sundar Pichai publicly commits to expanding the company’s datacentre footprint in Europe and gives details of its ...

Dig Deeper on Email and Messaging Threats-Information Security Threats

Related Q&A from Nick Lewis

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.