Security Basics mailing list archives
Re: e-mail policies
From: <mweatherford () cox net>
Date: Tue, 25 Feb 2003 16:11:00 -0500
Pablo, Chris's comments are right on the mark. If the policy is loosley defined or open to interpretation, guess what...it will be impossible to enforce. No one wants to appear too autocratic but if you have a strict policy, it will keep those employees with a tendency to "fly to close to the flame" from doing something they'll regret. It will also save you tons of time from those who want to nit-pick the details and from having to deal with disciplinary issues. I've had both strictly defined and loosely defined policies regarding email and, without a doubt, strict is better. You will inevitibly have a few who are unhappy with the policy but for consistency and long-term benefit of ALL the employees, you'll be better off. - kram ----- Original Message ----- From: "chris" <chris () byteme no> To: <security-basics () securityfocus com> Sent: Tuesday, February 25, 2003 1:15 AM Subject: RE: e-mail policies
Dear gurus We are defining policies for the use of corporate e-mail, I have doubts about privacy of messages sent by employees. Since the e-mail system is intended for business use, we need to prevent sensitive information disclosure. If we respect the privacy , how can discover infidelity employee? What is your opinion or the standard in this cases? What is the companies approach? Thanks a lot. -- Pablo A. C. Gietz Jefe de Seguridad Informática Nuevo Banco de Entre Ríos S.A. Te.: 0343 - 4201351Hi Although I'm not a guru, I'll give you my opinion (probably not the standard ;). Define strict policies. Make it clear that the corporate e-mail is not for personal use. Why? Because studies on the use of corporate e-mail show that the productivity, in many cases, is decreased. Sending personal e-mail to colleagues or people outside the corporation generates expectations on reply, and results in the habit of checking for new mail very often, and therefore interrupts work. There you go - no need for privacy anymore. Now you can install e-mail filters, e.g. based on words that's not acceptable in corporate messages, and bust infidel employees. - chris
Current thread:
- RE: e-mail policies, (continued)
- RE: e-mail policies chris (Feb 25)
- RE: e-mail policies Michael Whang (Feb 26)
- RE: e-mail policies Bram Van Dam (Feb 26)
- Re: e-mail policies Ivan Hernandez (Feb 25)
- RE: e-mail policies Jones, Andrew (Feb 25)
- RE: e-mail policies Fields, James (Feb 25)
- RE: e-mail policies Moeckel, Sharon (Feb 25)
- RE: e-mail policies Tim Heagarty (Feb 26)
- RE: e-mail policies Mark Burgess (Feb 26)
- RE: e-mail policies Tim Heagarty (Feb 27)
- RE: e-mail policies Tim Heagarty (Feb 26)
- RE: e-mail policies chris (Feb 25)
- Re: e-mail policies mweatherford (Feb 26)
- RE: e-mail policies Mark Reardon (Feb 26)
- RE: e-mail policies Bruce Fowler (Feb 26)
- RE: e-mail policies Joe Martinez (Feb 26)
- RE: e-mail policies SMiller (Feb 26)
- RE: e-mail policies Moeckel, Sharon (Feb 27)