b5media.com

Advertise with us

Enjoying this blog? Check out the rest of the Business Channel Subscribe to this Feed

Slacker Manager

Email security

by Bren on December 6th, 2004

Fred Langa, of the venerable LangaList (another of my regular reads…worth the free subscription), noted in his most recent newsletter just how insecure email can be.  This has got to be a major concern for any organization, but especially for any organization that has a need to send/receive Social Security numbers for people. 

In my business, the SSN is a primary identifier that’s used between schools (which are usually on different software platforms) and also between the Dept of Ed and the school.  I think most people are beginning to understand that it’s bad practice to send a full SSN via email.  For the most part, the notes that I’ve seen usually ‘x’ out the first five digits of the SSN.  It’s easy to call your colleague at the other school and get the full SSN if you can’t figure it out by looking at the last four digits and the last name.

Fred notes four good practices to abide by:

  1. Don’t trust email for initial (first) contact.  Make sure you can reach your recipient first before trusting email.  He notes that between all the spam filters on all the computers that email must travel through, the liklihood that your note will get through is dropping like a rock.
  2. Be very careful with addressing your emails.  Note whether it’s a .org/.com/.net or even something like a .edu/.us/etc…  Also, really work at avoiding the "reply to all" unless it’s needed.
  3. For sensitive notes, don’t use plain text email  Encrypt your email, and if you don’t know how to do that, send the text of your message zipped up in a zip file.  Password protected if needed.  And don’t put the password in the email.  Geez.
  4. Choose your email provider (ISP) carefully.  Most of us don’t have this luxury at work, but we do at home.  Pay attention to reputation.

Probably the most chilling thing Fred noted in his newsletter was the recent passage of legislation (in the U.S.) that affords no wiretap protection to emails that are located on remote servers–even if those servers aren’t the final recipient.  So basically, in Fred’s words, your emails are about as secure as a conversation on the corner of a busy street.

Share This

Related Stories

  • No related posts

POSTED IN: tips and tricks

Site Meter
Close
E-mail It