Information Security Bulletin

Misusing Email in the Workplace

21 Jul 01:35

UK email compliance company Cryoserver has published a list of the top ten misdemeanours when it comes to using email at work. The list covers everything from innocent mistakes to deliberate misuse.

Not replying to or pretending not to have received emails
Assuming emails marked urgent are always read
Going off on tangents, writing far more than you need to and using icons that are not needed (e.g. smiley icons)
Sending the same email to a lot of people, copying in recipients that have no interest / are not meant to see it (e.g. accidentally pressing 'reply all')
Bad grammar, spelling, attention to detail (e.g. over use of capitalisation, excessive use of the exclamation mark)
Sending inappropriate material / messages (e.g. lewd or offensive material, flirting, gossiping, planning social lives)
Using cc instead of bcc (when you didn't want recipients to know who else the email has been sent to)
Sending emails with huge attachments / inadvertently sending viruses that crash people's systems
Leaving sensitive information on an email trail that you have forwarded
Wasting time emailing the person next to you rather than just turning round and talking to them

Stephen Mason, Cryoserver's Legal Director, identifies in his book 'Networked Communications and Compliance with the Law' (XPL Publishing) some examples of these misdemeanours occurring. There have been a number of cases of people sending inappropriate, lewd or offensive material. For example, in October 2003, two workers at the Courage Fountain brewery in Fountainbridge, and a number of other employees at the Tadcaster plant in Yorkshire were dismissed after being caught distributing pornography by email to other members of staff.

Another extremely common misdemeanour is people using email to socialise when they could just turn around and talk to the person they are emailing. For example in one company, Waterford Technologies, two people were found to have exchanged 195 messages in a single day in another company, three conversation pairs represented 68 percent of the internal email, and in one case, 98 messages were exchanged between two members of staff in 90 minutes.

To combat email misuse companies should install and make known to their employees, an email policy that regulates employees' use of network communications, reduces the liability to the organisation whilst protecting the employee and ensures that employees know what the likely penalties are for misuse.

[Let me add another common email sin: using HTML in messages. This irritating bandwidth waster really cheeses off people who do not use a reader which interprets HTML but simply lists the code.

Stephen Mason's new book will be reviewed in ISB1006 (July 2005). --Ed.]

Related links: (Open in a new window.)
www.cryoserver.com

View printable version (opens in new window)
Back

Search ISB News:

Not yet sure you want to subscribe? Download a free sample copy!

Download the much quoted October Editorial

Portal Frontpage
Web Editorial
About This Portal
Contact Info

IS Alerts
General News
Product News
Vendor News
People News
Literature
Events
CHI News

Subscribe Online
About ISB
Publishing in ISB
Advertising in ISB
PR Information

In the current issue:

Security Management
The Importance of Adaptability
Steve Purser

From the Trenches
Reversing Perimeter Defences – a Case Study
Søren Maigaard

Security Architectures
The Self Defending Network: New Trends In ICT Security Infrastructures
Drs. Ing. René Pluis

Subscribe Online!