The Top Seven Myths for Enterprise E-Mail Governance

MessageGate, Inc.
January 11, 2008 | COMMENTS

Misinformation is dangerous when it comes to enterprise e-mail governance, especially when combating data leakage in heavily-regulated corporate environments. “Falling victim to common e-mail misperceptions wastes valuable IT time and budget,” says Shaun Wolfe, CEO for MessageGate, an e-mail governance solutions provider based in Bellevue, Washington. “Analysis often uncovers customer governance laid to waste due to common myths, especially sensitive data sent to unintended external recipients caused by e-mail control gaps.”

Recent activity profile audits conducted by MessageGate have identified seven myths that are commonly associated with corporate e-mail governance and controls.

1. My company does not have a data leakage problem .

In reality, all companies experience some form of data leakage. Most instances are non-malicious (research indicates that 80 percent of all data leaks are unintentional). Most breaches can be attributed to employees moving sensitive files to continue work from home. Web-based e-mail is the biggest culprit, offering remote access outside of the corporate network. These unintentional data leaks must be addressed.

2. IT “owns” e-mail and is ultimately responsible for its destiny .

E-mail ownership is a continuing battle. On one hand, employees claim ownership of e-mail as creator of the message. IT departments, however, see it as their asset to manage because it resides on the corporate network. Neither is an absolute truth. E-mail has risen to become a legal business record. In fact, e-mail is now the most common form of electronic evidence requested during litigation discovery. As a result, the corporation as a whole is ultimately responsible for each and every e-mail traveling across its network. This includes the C-suite, legal counsel, IT, and the employee.

3. IT must read every incoming and outgoing message for e-mail controls to be effective.

The “big brother” concept does not resonate in most corporate settings. In addition, most IT departments lack the budget and manpower to police each and every message. A more appealing option is to automate the process through e-mail governance software using both lexicon and contextual controls. These applications prevent unintentional data leaks while also educating employees on acceptable email use.

4. E-mail controls only hamper employee productivity.

Unfortunately, much of this false impression is earned from legacy solutions. E-mail controls software, however, has come a long way. Modern solutions increase security, while also ensuring that all employees follow uniform archiving and other governance policies, with little-to-no user interruption.

5. Securing the corporate network ensures e-mail confidentiality.

Employees often believe that e-mails are only accessible to their intended recipients. IT departments add to the misperception by assuming corporate network security efforts are enough. In reality, productivity often negates security precautions. Employees create local copies of their Outlook PST file to their local machine to bypass burdensome security procedures. As a result, there is little protecting the files if the laptop is lost, stolen, or simply left unattended.

6. Instant messaging (IM) is a bigger threat than e-mail.

IM, text messaging, and other alternative communication channels receive a lot of hype for data field. Each diverts attention from the true 800-pound gorilla—e-mail security. E-mail is still the largest communication channel used within corporate environments, representing the biggest data leakage threat. Practical governance starts with e-mail, and expands to include alternative channels once a solid foundation is established. True multi-channel governance is not possible without first creating a minimum threshold of corporate responsibility surrounding e-mail.

7. Spam, e-mail viruses, and other incoming threats have diminished.

The simple fact is that most publicity now surrounds outgoing e-mail security. Incoming e-mail threats have not diminished. In fact, analysts predict spam to grow to as much as 80 percent of all e-mail traffic by 2011. Business must remain vigilant against incoming threats by protecting the gateway through a variety of e-mail security systems, including filters and virus scanners.

MessageGate provides software and services for enterprise email controls to leading companies worldwide. For more information, call 1-877-544-8500 or visit www.messagegate.com.