Ask the Expert

How to prevent poor e-mail practices

How can I "prove" that sending confidential information to customers across the Internet without encryption is a poor business practice?

    Requires Free Membership to View

The Internet is a high-risk environment and according to the FBI's International Computer Crime Squad, one of the most common cyber crimes committed against businesses over the Internet is theft of trade secrets. While many businesses shred their sensitive paper documents to combat dumpster diving, very few encrypt their sensitive digital documents and e-mails to combat cyber espionage.

Sending an e-mail is the equivalent of sending a postcard – anyone can read it. Once an e-mail leaves a computer, it travels over multiple online services and open networks to reach its destination. It can be intercepted and read anywhere during its journey. It can also be read from the numerous backup devices and will be stored by various routing services. For example, co-workers can easily intercept an e-mail sent from an office computer as it travels through the corporate network. In addition, external e-mails travel to and from a computer via an Internet Service Provider (ISP), making ISPs one of the easiest places to intercept traffic. Broadband users share the local loop, which means neighborhood Internet traffic shares the same physical wires. With certain bits of hardware and some know-how, a hacker can easily intercept an e-mail on its way across the local loop. Finally, wireless network traffic is susceptible to interception at the base station for the antenna.

These examples are by no means the only places e-mail can be compromised, and with thousands of hackers on the Internet and so many vulnerable points, never assume an e-mail is private, unless it is encrypted.

Your clients not only need to encrypt their e-mail, but all their sensitive files and data too. They should also be enforcing a security policy aimed at securing their computers against spyware and malicious code to prevent computer-hacking and illegal eavesdropping by hackers and their competitors.


More Information

  • Attend Lesson 3 of E-mail Security School to learn about e-mail policy control.

  • This was first published in December 2005

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: