Security Basics mailing list archives
Re: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails
From: David Jacoby <security () outpost24 com>
Date: Tue, 17 Oct 2006 12:09:08 +0200
Hi! Basically this is a issue about trust. Its hard for a employer to have 100% trust in the employees. There must be strict policies which will inform the employer what he/she is allowed to do. It also has to do with common sense but you cannot prevent this kind of actions easy. There may always be USB drives, diskettes CD/DVD which can be used to steal information. You just need to have a policy which will prevent everyone from having access to all information. Only the persons who should use the information should have access to the information. If you want to be really paranoid you could specify the read/write access on the files aswell. I personally think this is something which should be discussed internally at the company. It should be a discussion about both education and information about the company policy. Instead of just preventing people for certain actions, inform them about why its prevented so understand why it might be a security/integrity issue if some documents left the building. As a manager you can inform your employees that all communication from the office will be logged, this includes all email and web traffic. This is to prevent all potential "information leakage" and maybe other risks. If any employee want to do personal things such as check their bank, send email to families or such you can always have computers which is separated from the office network and where traffic is not logged. There is not a correct answer for your question, it basically starts and ends with the trust of your employees and also about education. Best regards, David Jacoby sfmailsbm () gmail com skrev:
Dear List, It is a common practice among users to user their personal email accounts like hotmail, gmail, etc to send & receive business (and most probably confidential) information This is particularly the case when users are out of office These webmails are not under the company's control, and hence there is a risk of information loss. However upto now we have not heard of any such cases Wanted to get the opinion of the list on the security risks of the use of Webmails for business mails Thanks & regards --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
-- David Jacoby Vice President Customer Experience http://www.outpost24.com phone: +46-(0)455-612311 fax : +46-(0)455-13960 email: dj () outpost24 com This communication contains information which is confidential and may also be privileged. It is for the exclusive use of the intended recipient(s). If you are not the intended recipient(s) please note that any for of distribution, copying or use of this communication or the information in it is strictly prohibited and may be unlawful. If you have received this communication in error please return it to the end. --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails, (continued)
- Re: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Michal Merta (Oct 17)
- Re: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Steven Meyer (Oct 17)
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Murda Mcloud (Oct 17)
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Kurt Aubuchon (Oct 17)
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Robert D. Holtz - Lists (Oct 17)
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Kurt Aubuchon (Oct 17)
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Robert D. Holtz - Lists (Oct 18)
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Kurt Aubuchon (Oct 17)
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Duncan McAlynn (Oct 17)
- Re: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Frynge Customer Support (Oct 17)
- Am I owned on port 27665 Faheem SIDDIQUI (Oct 18)