Kroll Ontrack obviously know a thing or two about data disasters, it is a company that spends its entire time working with the consequences of them. So who better than to do a data recovery survey with a twist: if you only had time to save one file which would it be?

Asking a cross-section of business types just what they consider to be the most vital of business data proved to be an interesting exercise. I am guessing that there was some kind of ‘assuming you had no backups’ suggestion implied in all this.

I asked my secretary, also known as ‘the wife’ or if she is in earshot ‘the lovely Yvonne’, what would she save for the good of the business. Rather sensibly, I guess, she said the accounts. “After all” she explained “HMRC are not going to accept ’sorry, they got mislaid by the courier’ as a valid excuse, are they.” She may well have a point.

Personally, I would choose exactly the same as an astonishing 81 percent of those surveyed and save my email. That’s my email message database, not my contacts file or appointments calendar, they can go hang - it is my message base that is vital to my business.

“Our statistics reveal that e-mails are the most important files for business executives,” said Phil Bridge, Managing Director, Kroll Ontrack UK. “Regardless of the size of IT budgets, organisations simply cannot afford to ignore implementing systems to help avoid severe data loss. Employee education, careful planning and rigorous backup testing of e-mail storage is the only way critical information is protected.”

The reasoning, Kroll argues, is simple: “the logistics required to restore a large e-mail system is complex, and due to its critical nature, downtime needs to be minimised.” Indeed, for this very reason many companies are now capping the storage capacity of user mailboxes and inadvertently increasing the risk of users losing their e-mails.

Kroll Ontrack put together some top tips to e-mail bliss for executives.

Look, like most people I get a lot of spam and a fair amount of it would fall into the phishing scam category I guess. Quite apart from the stuff that has not been sent to one of my email accounts, I also get to see stuff forwarded to me by concerned readers of magazines or websites to which I contribute. A little hint, there is no point sending me copies of your spam so please stop it. The only exclusion being when you have a real news story to throw in my direction, and ‘look at this spam’ is not it.

Anyway, the point of this posting is that it really takes a lot to stand out amongst the phishing crowd these days. Much of it is very sophisticated, using every technique possible to obfuscate the real sender address. Much of it comes in HTML format with the body painstakingly copied from an authentic bank or business communication: branding, logos and house style copied to the last dot. Much of it is very believable, after all that is the whole point of a phishing scam, you have to reel your mark in, make them believe to bite and get caught on your fraudulent hook.

Which is why I just had to ignore my own ‘don’t forward your spam’ advice and share this message from what has to be a candidate for the dumbest phisher in history award.

What you won’t see here is the Japanese script which was left intact at the top of the HTML format email, something of a clue that the letter might not be from Dr Mike Ellis, Group Finance Director of the Halifax bank of Scotland after all. As, indeed, is the free webmail @yahoo.co.jp Japanese return address.

And that is quite before we get to the bit about him happening to find a dormant account in his office, containing £15 million, and for some reason wanting to make a business arrangement with me so that we can share it. Not that ‘Dr Mike’ actually says what he has in mind, nor even that I should contact him about it. I guess he assumes I am smart enough to know a good thing when I see it and compose that eager response.

Do you think I should reply?

mkellis111@yahoo.co.jp

Good day to you,

I am Dr. Mike Ellis, Group Finance Director Halifax Bank of Scotland, I

have urgent and very confidential business proposition for you. I

discovered a dormant account in my office, worth 15,000,000 million

pounds.

- Dr Mike Ellis

Symantec has just published the latest State of Spam Report and it highlights a rather worrying trend: namely a shift in the origination of spam from North America to EMEA. Indeed, the percentage of spam originating in the EMEA region by volume has now surpassed that of North America which has traditionally been at the heart of spam distribution.

This has not just happened in January alone, which the report covers in detail, but has been noted for the last three months in total. However, in January Symantec observes that around 44% of all spam email is coming from Europe compared to just 35% heading out of North America.

Mind you, Symantec also admits that the very nature of the spammer means that it is actually rather difficult to pinpoint the geographic origin of spam with 100% accuracy. Spammers do everything they can to obscure this fact, after all they don’t want law enforcement to track them down or DNS block lists either.

One thing I can agree with Symantec on regarding the European spam issue is that it is most likely to be increase broadband usages that is driving the trend. Look at the figures and you discover that when it comes to the number of broadband users globally, Europe has much of the top ten list wrapped up. The last stats that I saw, which are six months old now, had 6 out of the top ten countries for broadband use being located in Europe.

That said, when you consider the penetration of super-fast broadband, and we are talking 100Mb/sec speeds here, in Asian countries such as Korea, Japan and Singapore, it is somewhat surprising that Symantec reports only 15% of spam originating from that continent. So maybe the broadband thing is a bit of a red herring after all…

A global market survey conducted by Astaro Corporation has suggested that more than 65 percent of IT department will be investing additional security funding into WLAN security, vulnerability scanning and web application firewalling during the next fiscal year.

The survey included 2800 IT pros from industries as diverse as manufacturing and healthcare, education and financial services. 100 percent of those surveyed relied on firewalls for the first line of defence when it comes to external attack, no great surprise there then. Antivirus and Antispam on 91.5 and 90 percent respectively, were listed as the next most used security technologies with VPN products on 81 percent and Intrusion Protection Systems on 74 percent following fairly close behind. I’m not convinced that Antispam is actually an IT security product, despite spam being a transport mechanism for threats. However, that’s perhaps an argument for another blog posting.

70 percent of the survey respondents were rightly concerned with preventing unauthorised users from accessing the corporate network or confidential data, slightly more (72 percent) concluded that keeping an overview of possible security weak points will be the biggest challenge for IT departments over the next five years. But it looks like email encryption could be the big surprise as far as the IT security market is concerned, with 22 percent already using it and 67 percent worried about preventing the leakage of company data.

“Today companies are finding that they can’t rely on the basic network security they had in place just a few years ago” says Jan Hichert, CEO at Astaro. “Network administrators are continuously faced with the task of updating and adding layers of protection in order to keep their networks secure against the latest threats.”

Amen to that, and if the survey has revealed a trend for the greater use of email encryption then network admins should be happy enough as it will reduce the workload when it comes to keeping company data out of trouble.