Technology Pundits ~ Protecting eMail and Saving Your Assets

Security is a bitch and we are constantly exposed to a variety of threats. Even listing all of them would be more frightening than helpful. But one of the most critical areas of exposure is email and the fact that the majority of it is unsecure. This lack of security can lead to everything from embarrassing moments to serious corporate problems.

Problems with Unsecured Email

I can recall a few years ago getting a message from one of Microsoft’s internal PR people about an upcoming meeting. I noticed but had not read an included attachment. Shortly after receiving the email I got a note from one of their PR firms telling me the attachment had been sent by mistake and trusting my integrity not to read it because it contained confidential information about other analysts. Using what would be normal restraint in such a case I immediately opened and read one of the nastiest profiles on a Gartner analyst I have ever seen and was disappointed with my own profile which was largely empty.

The Gartner analyst was not amused and clearly took extreme exception to the comments which seemed to suggest he thought he was smarter than Bill Gates, had actually personally invented much of what Microsoft had, and became very aggressive if anyone disagreed with him. His profile was actually rather accurate but its disclosure did a lot of damage to the relationship Microsoft had with a number of analysts (not me, I sent them a bunch of stuff to fill out my near empty profile). Embarrassing but not terminal.

However in my own firm a few years later a black sales rep asked for some help from her manager which needed VP approval. The VP in responding and granting approval referred to the rep with a racial slur, a sexual slur, and a derogatory comment about her looks. This note was sent to her manager who then accidently forwarded it on to her so she knew she was approved. Her brother, as it turned out, specialized in employment law and that slip cost us about half a million dollars and both of these guys lost their jobs. What had been intended as a joke between the guys became a bomb that nearly crippled a division. (Granted the comment shouldn’t have been made in the first place).

Finally, the first big breach of a Blackberry that I became aware of in my security role at Giga (the research firm I used to work for) resulted in a CEO’s private and incredibly derogatory thoughts on his direct reports and board of directors. This resulted in a number of rapid resignations and the near total collapse of the company.

Currently most of us have unsecured email and if we mailed something to someone in confidence have no way of making sure that confidence is protected against accident or breach of trust.

eCipher

eCipher http://www.ecipher.com , which works with an Outlook, Thunderbird, or Eudora provides encryption and DRM protection so your email only goes where it is intended. This helps assure that the kinds of problems I list above don’t happen to you and only to you.

While certainly not necessary for casual mail, for things that should remain confidential, like notes to your attorney, I’ve come to conclude that a tool like eCipher could save your job or your company some day. As a result it is probably time to think about how your mail is secured enough (it probably isn’t) and whether it is well past time you fixed that (it is).