The threat of an employee inadvertently infecting a business computer network via malware received through a work email or instant message is one that most businesses have taken steps to prevent. Even businesses that are small or not very technically savvy have antivirus software, firewalls, and other security measures in place to prevent the costly and sometimes risky issue of an infected network. However, with all the fuss about incoming email, a surprising number of businesses pay little to no attention to the dangers associated with outbound email. Information Security Blog
According to a recent study performed by Proofpoint Inc., a California-based security company, possible security risks that stem from lack of protocol related to emails sent from company computers. Concerns such as protection of sensitive data, privacy, legal risks, and embarrassment to the company have inspired many businesses to put in place standards of practice for employees who send email (and there are very few who don’t these days) and to enforce security policies on outgoing messages. Many employers are also concerned about employees posting sensitive information on blogs or message boards. The Proofpoint Inc. study, which focused on businesses in the United States and the United Kingdom that employ more than 1,000 people, gathered information on the following aspects of email security:
The 2006 study drew from surveys of several hundred “decision makers” from different companies, almost 40 percent of which were in technical, professional, financial, or government fields, who answered questions about their companies’ outgoing email policies. It turns out that many companies actually hire employees to read or check outgoing email to see that it fits standard email protocol. In fact, in the U.S., 38 percent of companies have employees to do this job, and 46.9 percent perform regular audits on employee email content. Through these actions, they have estimated that over 20 percent of outgoing workplace emails contain confidential or other internal business information. Disturbingly, almost 35 percent of those surveyed claim their company was negatively affected by the wrong information leaving via employee email in the past year. Some companies have even had non-public financial information posted online by employees.