Email content security - Addressing the email risks Page 2
by over 10 million people around the world. Especially since the company in questionwas a law firm, and the employees were attorneys, this email caused severe damageof reputation.
#4. Confidentiality breaches
Most confidentiality breaches occur from within the company. These breaches can beaccidental, for instance a Siemens Nixdorf employee unintentionally distributedconfidential internal emails to a trade worker’s association. In Australia, a travelcompany accidentally sent a customer list to a competitor when an employeeselected an incorrect alias as the recipient. However confidentiality breaches can alsobe intentional. Borland International Inc. filed a lawsuit against one of their formeremployees who had used the company’s email system to send out confidentialinformation to competitor Symantec, his new employer. The trade secrets includedproduct design specifications, sales data and information regarding a prospectivecontract for which both companies were competing. The employee and recipient wereboth charged with trade secret theft.
#5. Regulatory compliancy
New and existing regulations are forcing companies to keep a record of their emailsand to protect their client’s privacy. In the US, the Health Insurance Portability andAccountability Act (HIPAA) requires health care institutions to keep a record of theiremail communications and secure confidentiality of information. The U.S. Securitiesand Exchange Commission (SEC) and Gramm-Leach-Bliley Act (GLBA) impose similarduties on financial institutions. In the new IRS Circular 230, the IRS requires taxadvisors to add an email disclaimer to any emails including tax advice, expresslystating that the opinion cannot be relied upon for penalty purposes. Steep penaltiescan apply to those organizations that do not comply with their industry’s regulations.In a case lasting from 2000 until 2005, a well-known financial institution wasrecently forced to pay 20 million dollars in penalties by the Securities and ExchangeCommission for not diligently searching for email back-up tapes and over-writingmultiple back-up tapes.
#6. Increasing bandwidth and storage needs
Not only is the use of attachments growing, their size is increasing as well. Accordingto the Radicati Group, attachments make up more than 85% of all email data. Largeattachments use up bandwidth and storage space. Although the cost of storagespace has decreased over the years, the larger the message store, the moremanagement it requires and the longer it takes to restore messages after a mailserver failure.
How to protect against email risks
The first step in securing your company from email risks is to create an email policythat sets out all the do’s and don’ts regarding the company’s email system. Next,you must enforce your email policy by distributing it amongst your employees andeducating users in their email use. Finally, you require content checking softwarethat filters your internal and external email traffic in order to enforce your emailpolicy.