Personal Web-Based Email Puts Enterprise at Risk
This is an interesting prespective--I wonder exactly how they propose to stop it? Being a "network nazi" (forgive the term) is certainly not the answer, since when you try to ratchet down access to Internet resources within the enterprise network, then the employee become the one who is actively trying to bypass security and access controls.
I use a web-based account for personal e-mail communications while I'm at work--and personally, I think it is nothing less than professionally and ethically proper to do so. I can certaily see this issue becoming somewhat of a sticky wicket if this mindset [below] becomes common practice. They do specify "business communications," however, so perhaps personal e-mail traffic is exempt?
Hmmmm.
In any event, Sandra Gittlen writes on eSecurityPlanet.com:
IT managers who allow their users to access personal email accounts via Web-based sites are putting their companies at risk, according to experts.
''If companies are allowing employees to use personal email tools, but not retaining those messages, they could be facing serious legal and regulatory trouble,'' says Nancy Flynn, executive director of the ePolicy Institute in Columbus, Ohio. ''Email today is the electronic equivalent of DNA evidence. If there is a lawsuit, you can take it to the bank that email will be subpoenaed.''
In fact, a 2004 Workplace Email and Instant Messaging Study, co-sponsored by the ePolicy Institute and the American Management Association, found 21 percent of the 840 U.S. businesses surveyed had employee email and instant messages subpoenaed in the course of a lawsuit or regulatory investigation.
Flynn says courts are not discriminating about whether the emails were sent via personal email accounts or business email accounts. ''They want all business-related emails that are being transmitted by employees,'' she says. Not producing these emails could result in a ''five-to-six-figure fine''.
0 Comments:
Post a Comment
<< Home