There are increasing reports of email misuse, malicious use, mistaken use, and just plain bad implementations of email systems that allow the many outside threats and desperado insiders to exploit vulnerabilities.
It is most common for information assurance pros to be fairly diligent in trying to keep malware out of the enterprise network through scanning and filtering emails, and it is good to see that it is also becoming a growing trend to try and prevent sensitive data from leaving the enterprise, “leaking” is the current buzzword of choice, by using scanning and encryption. However, there are many other email mishaps and business damage that can occur through the use, or misuse, of email that can have negative business impact and legal implications.

How do you monitor your emails? How do you keep your customer email addresses up-to-date? Do you allow your personnel to use their personal email addresses to do business communications?
I discussed these and other issues in my monthly column I wrote for the May issue of the CSI Alert newsletter. You can see my final, pre-production, draft of “Obscure Email Issues” at my site.
I welcome your feedback!

Tags: awareness and training, CSI, data leakage, data loss, e-mail, email, Information Security, IT compliance, policies and procedures, privacy, privacy breach, risk management

This entry was posted on Friday, June 8th, 2007 at 1:00 am and is filed under Information Security, Training & awareness. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.