Spam Costs $874 per Employee per Year
Unsolicited commercial "spam" e-mail costs U.S. companies $874 per employee per year in lost productivity, according to a new report out from independent research company Nucleus Research. The report, entitled "Spam: The Silent ROI Killer" (referring to return on investment) contains the results of interviews with employees and IT administrators at 76 different U.S. companies. The $874 figure is based on an hourly pay of $30 and a work year of 2,080 hours, Nucleus said.
Among the other findings of the report are •Companies lose approximately 1.4 percent of each employee's productivity each year due to spam. •The average employee receives 13.3 spam messages each day. Employees spend, on average, 6.5 minutes per day managing spam.
An executive at one vendor of antispam products said the cost may be even higher. If anything, Nucleus's numbers sound a bit low, according to Joe Fisher, director of product management at Tumbleweed Communications, a vendor of antispam products. "I might argue it's a bit higher, depending on the organization.
At Client Server Technology, Partner and Senior Network Engineer John Minickene added, "In addition to the productivity issues caused by spam attacks, there are other direct costs businesses suffer such as downtime on infected machines as well as labor and/or consultant costs to remove viruses, embedded tracking software, and for some older machines; replacements where repair costs outweight buying a new system. Although many of our clients implement anti-virus and spam filtering on both the server and desktop levels, there are some that roll the dice and when they get hit or are infected, they incur costs whether they repair the PC's or replace them."
Although Minickene recommends all servers and PC's should have both anti-virus and anti-spam software, he suggests these front-end costs of deploying these solutions across the board isn't always the best approach. "I take each client's environment on a case-by-case basis", states Minickene. "If I have an insurance company that has a total 60 computers, where 30 PC's are under 2 years old and the rest over 5, we sit down first and discuss what they are looking to accomplish. If over the course of the next 12 months they are looking to replace the over-5 year old machines, why invest a few hundred dollars per machine on protection software and labor? Unless the machines are mission-critical or storing sensative data, the better solution would be to deploy a mix by limiting access by locking them down and perhaps budgeting this money to phase in newer machines that have this protection preloaded. This way they don't invest any dollars on a solution that will replaced in the near future" states Minickene.