In-Depth

Bacn: Better than Spam but Still Clogging Inboxes

Classifying all messages as either spam or ham leaves a gaping hole that breeds confusion across the enterprise. Enter bacn.

by Shaun Wolfe

Spam is an ever-present descriptor for unwanted e-mail. Less known, but equally as important, is the concept of ham. Meaty and sustaining, not to mention better tasting, ham is business-critical e-mail. Spam and ham represent the two polar ends of e-mail classification. Where is the rest of the e-mail value chain? Classifying all messages as either spam or ham leaves a gaping hole that breeds confusion across the enterprise. Enter bacn.

Bacn fills the gap between spam and ham. It refers to e-mail you want, but not right now. Examples include Google Alerts and opt-in newsletters. The information is valuable, but business wouldn't suffer if you skipped one or two e-mails.

The term Bacn was coined during a discussion at Podcamp2 Pittsburgh at the end of August, and while not an official industry term, bacn has risen to fame among IT departments. The rapid adoption rate for the term demonstrates the need for better classification terminology across the industry. Fragmented e-mail governance policies, wasted archive capacity, and inefficient network bandwidth are all symptoms of the inability to identify and classify bacn leads.

Storage is cheap and network efficiency can be easily increased, but this perspective ignores the true purpose of e-mail governance. On average, as much as 30 percent of e-mail can be classified as bacn, when combined with spam, the number of non-business e-mail rises to 65 percent. Blindly archiving all e-mail without adequate classification cripples e-mail management, regulatory compliance and e-discovery efforts. Ask any seasoned enterprise IT director which is better -- an e-mail archive of 100 TB or 300 TB.

Bacn's Effect on Regulatory Compliance

Updates to the Federal Rules of Civil Procedure (FRCP) were adopted in December 2006. A year later, companies still struggle to reach compliance with governance policies that deliver e-mail under the required tight deadlines. The cost of noncompliance could reach into the millions of dollars.

The new FRCP guidelines dictate that an inventory of relevant electronic information (e.g. e-mail evidence) must be delivered to a judge within 99 days of litigation filing. All parties must show where the relevant information is stored and be ready to deliver the actual data if requested. At a cost of up to $3 per message reviewed, the cost to review enterprise e-mail spanning a 90-day period can easily reach $500,000 or more, and that's if you can access it in a timely manner. Fines for missed deadlines exacerbate the problem. In one case, a U.S. district court imposed a $50,000-per-day fine for missing FRCP e-discovery deadlines.

The first step to combating classification pressure is to analyze traffic patterns within the e-mail network. Most IT departments have little, if any, insight into the day-to-day e-mail traffic of their companies. Where are the majority of messages coming from and where are they going? What type of messages are they (e.g. HTML, text, newsletters, internal messages, customer messages, system alerts, etc.)? Who are the power users? When is traffic at its peak? Analyzing e-mail usage provides a foundation for future governance policies.

With e-mail traffic effectively mapped, IT departments can create e-mail categories to separate ham from bacn and spam. On average, 65 percent of e-mail can be classified as bacn or spam, which doesn't need to be archived. The goal is to identify and classify these messages before they enter the archive. Eliminating unnecessary e-mail from the archive drastically improves recovery time, not to mention wasted effort and e-discovery fees reviewing unnecessary messages.

Incoming vs. Outgoing Traffic

Mapping e-mail usage not only manages incoming bacn, it also helps prevent outgoing bacn. Companies are responsible for both incoming and outgoing message flow. How much of that flow is business-critical versus bacn?

More important, this ability eliminates e-mails containing sensitive customer information or confidential intellectual property slipping through the cracks. The Enterprise Strategy Group (ESG) estimates that more than 65 percent of an average company's intellectual property is sent via e-mail at some point in time.

Any solid e-mail governance plan includes the ability to check outgoing e-mail against established control policies. Granted, no IT department wants the responsibility of reviewing all outgoing messages. Beyond simple workload limitations, however, most IT departments don't want the perception that IT invades the privacy of an organization's employees. It's a no-win situation for IT. Instead, the process should be automated through software policies and controls.

The Solution Takes Shape

Effective e-mail governance starts with thoroughly analyzing e-mail traffic and developing classification categories that apply to all enterprise messages. This, however, is only the start. The real solution lies with consistent application of the classification scheme before messages enter the archive.

Bacn may not be the category name chosen to describe messages between spam and ham. The name isn't as important as the concept. The need to better classify e-mails is clear, especially as mandates such as the FRCP continue to hit home. Companies must gain visibility within their networks and implement governance policies to manage e-mail traffic and archives. Without better controls, IT department face increasing inefficiencies and legal penalties -- all because of a lack of bacn.

- - -

Shaun Wolfe is president and CEO of Message Gate. You can reach the author at [email protected]

Must Read Articles