Magazine article Communication World

Think before You Send You Can Prevent E-Mail Disasters and Protect Confidential Information by Securing Your Systems

Magazine article Communication World

Think before You Send You Can Prevent E-Mail Disasters and Protect Confidential Information by Securing Your Systems

Article excerpt

Shakespeare wrote, "Discretion is the better part of valor," and that's no less true today than it was 400 years ago. Whether you are protecting unannounced corporate earnings or the details of your CEO's personal life, confidentiality is vital to your business and your reputation, and maintaining it can prevent a host of problems, ranging from embarrassment to a lawsuit.

In the past, keeping information private wasn't complex. You simply locked your file cabinet and used a hushed tone when speaking in public. You sealed an envelope, so that it would be obvious if it had been opened. But then e-mail came along, and the game radically changed.

When it comes to the exchange of information, nothing moves faster than the Internet, and e-mail has become the preferred communication tool for those who want timely delivery and response with uninterrupted work flow. We now have a fast-food mentality toward e-mail that disregards the unfortunate truth that communicating quickly is not necessarily the same as communicating effectively. Speed versus quality is an issue. There are trade-offs that come with the speed and efficiency of e-mail, the top concession being security.

Digital communication and the viral nature of e-mail have taken the issue of security and privacy to a new and often dangerous realm. With our increasing dependency on e-mail as a tool for faster communication comes the need to recognize its security shortcomings.

The high price of failure

Communication professionals are privy to a wide range of sensitive and proprietary information that, if handled inappropriately, carries a high risk of damage to the organization, not only to its reputation but also to its bottom line. A 2005 survey on computer crime and security, conducted by the U.S. Computer Security Institute and the Federal Bureau of Investigation, found that the theft of proprietary information alone cost the average company US$303,234.

In addition, if your company has access to individuals' personal, medical or financial data (whether it's from your customers or those of your clients), legislation such as the U.S.'s HIPAA (Health Insurance Portability and Accountability Act) and Sarbanes-Oxley Act and the EU's Privacy Directive requires you to implement safeguards to ensure that information is kept confidential and secure.

You've likely experienced how dangerous e-mail can be and are acutely aware of its high potential for misuse. You might even spend a fair amount of your time dealing with the crises that arise when e-mail is misused, intentionally or not. (See "The Dangers of E-mail," opposite, for some examples of e-mail horror stories.) The irony is that communication professionals, charged with the control and dissemination of information, lose all control as soon as they hit "Send." E-mail can easily spread beyond its intended recipient. The message can be forwarded, the information within cut and copied, even sent to a competitor or other unintended party. It can be plagiarized or used out of context.

Furthermore, while traditional snail mail in a sealed envelope indicates that no one else but you has accessed the contents, sending an unprotected e-mail is like sending a postcard through cyberspace. While in transit, it is routed through and stored on multiple servers, where it can be accessed and read by people other than the designated recipient.

Many organizations post a disclaimer or automatic signature saying that the e-mail is for intended recipients only, but these cannot guarantee the privacy of the information contained in a message, and they certainly can't prevent a security breach.

Decreasing your vulnerabilities

Companies should consider implementing an e-mail policy that educates employees about accepted practices concerning the company's e-mail system. The policy should communicate e-mail risks so employees are aware of the potential for harm. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.