Security Basics mailing list archives

RE: e-mail policies

From: "chris" <chris () byteme no>
Date: Tue, 25 Feb 2003 10:15:32 +0100

Dear gurus

We are defining policies for the use of corporate e-mail, I have doubts
about privacy of messages sent by employees. Since the e-mail system is
intended for business use, we need to prevent sensitive information
disclosure. If we respect the privacy , how can discover infidelity
employee?
 What is your opinion or the standard in this cases? What is the
companies approach?

Thanks a lot.

--
Pablo A. C. Gietz
Jefe de Seguridad Informática
Nuevo Banco de Entre Ríos S.A.
Te.: 0343 - 4201351


Hi

Although I'm not a guru, I'll give you my opinion (probably not the standard
;).

Define strict policies.  Make it clear that the corporate e-mail is not for
personal use.  Why?  Because studies on the use of corporate e-mail show
that the productivity, in many cases, is decreased.  Sending personal e-mail
to colleagues or people outside the corporation generates expectations on
reply, and results in the habit of checking for new mail very often, and
therefore interrupts work.
There you go - no need for privacy anymore.  Now you can install e-mail
filters, e.g. based on words that's not acceptable in corporate messages,
and bust infidel employees.


- chris

Current thread:

e-mail policies pablo gietz (Feb 24)
- Re: e-mail policies theog (Feb 25)
- RE: e-mail policies Tim Heagarty (Feb 25)
- RE: e-mail policies chris (Feb 25)
  - RE: e-mail policies Michael Whang (Feb 26)
  - RE: e-mail policies Bram Van Dam (Feb 26)
- Re: e-mail policies Ivan Hernandez (Feb 25)
- <Possible follow-ups>
- RE: e-mail policies Jones, Andrew (Feb 25)
- RE: e-mail policies Fields, James (Feb 25)
- RE: e-mail policies Moeckel, Sharon (Feb 25)
  - RE: e-mail policies Tim Heagarty (Feb 26)
    - RE: e-mail policies Mark Burgess (Feb 26)
    - RE: e-mail policies Tim Heagarty (Feb 27)
- Re: e-mail policies mweatherford (Feb 26)

(Thread continues...)