Protect Corporate Data with E-Mail Security Policies

John Storts

New technologies like mobile devices, cloud computing and social media have lead to new risks when it comes to securing corporate data. With all the attention given to these, it may come as a surprise that the single biggest threat to data security comes from an old-tech standby: e-mail.


Slide Show

The Eight Biggest Security Threats for 2010

Blue Coat Systems' predictions for the worst security threats for the year.

According to Data Security blogger Sue Marquette Poremba's analysis of Proofpoint's "Outbound Email and Data Loss Prevention in Today's Enterprise, 2010" survey, more than 35 percent of the 261 respondents indicated that their organization had investigated a leak of confidential or proprietary information sent in e-mail in the past year. In addition, 32 percent had investigated a suspected violation of privacy or data-protection regulations related to e-mail.


If you're looking for a real-world example of the threat that e-mail can pose to your organization's sensitive information, look no further than Apple. Former Apple supply manager Paul Devine allegedly coordinated his efforts to obtain kickbacks from parts suppliers using his company-supplied laptop and e-mail address. To its credit, Apple demonstrated vigilance by spearheading the investigation after finding e-mails between Devine and the suppliers on the laptop. Apple's proactive response backs up Poremba's view that the survey results indicate a positive move by companies to curtail e-mail abuse from within.


Strong e-mail security policies can mitigate risks like these. These Knowledge Network resources can help you prevent data loss, theft and exposure:

  • Guidelines on Electronic Mail Security - This document addresses the security issues of mail servers and mail clients, including Web-based access to mail.
  • Sample E-mail and Virus Security Policy - This sample policy provides details on the kinds of measures that should be taken and procedures that should be followed to reduce the risks poised by malware and viruses.
  • Protect Your Workplace Campaign Brochure - This brochure includes guidance on physical and cyber security and how to report suspicious behavior, activity and cyber incidents.
  • Mobile Device Acceptable Use Policy Template - This policy defines standards, procedures and restrictions for end users who have legitimate business requirements to access corporate data from a mobile device connected to an unmanaged network outside of a company's direct control.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.