Security Basics mailing list archives
Re: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails
From: Devdas Bhagat <devdas () dvb homelinux org>
Date: Wed, 18 Oct 2006 15:59:34 +0530
On 16/10/06 06:00 -0000, sfmailsbm () gmail com wrote:
Dear List, It is a common practice among users to user their personal email accounts like hotmail, gmail, etc to send & receive business (and most probably confidential) information This is particularly the case when users are out of office
It is fairly trivial for the company to offer a webmail service to their users. Even if it is outsourced, the terms of the contract can be set to reduce the risk of information disclosure. Another point to note is that administrators of such sites may stumble upon corporate information while in the normal course of their duty. All that it takes is some idiot flagging the message as spam. If you are using a free webmail, the only hope you have is in the integrity of those admministrators. I have had people labelling email from their lawyers as spam, and landing up in my abuse mailbox. I have to read that email just to ensure it isn't a complaint, so there is direct disclosure of "secret" information.
These webmails are not under the company's control, and hence there is a risk of information loss. However upto now we have not heard of any such cases.
This has happened in India (I would have to look up the information though). In each case, users (managers and software developers) were sending out confidential information to their next employer/personal accounts to be able to use it later (to found a new company, to grab old clients, ...). Devdas Bhagat --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails, (continued)
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Murda Mcloud (Oct 17)
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Kurt Aubuchon (Oct 17)
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Robert D. Holtz - Lists (Oct 17)
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Kurt Aubuchon (Oct 17)
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Robert D. Holtz - Lists (Oct 18)
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Kurt Aubuchon (Oct 17)
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Murda Mcloud (Oct 17)
- RE: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Duncan McAlynn (Oct 17)
- Re: Using Web mail (hotmail, gmail, yahoo, etc) for Business mails Frynge Customer Support (Oct 17)
- Am I owned on port 27665 Faheem SIDDIQUI (Oct 18)
- Re: Am I owned on port 27665 Colin Copley (Oct 19)
- Re: Am I owned on port 27665 Andre Lauw (Oct 19)