Email Addiction Worse: Company Data on Personal Devices
I think my email usage has plateaued for the last year. Twitter, Plurk and other Social Network sites have picked up the slack. I don’t use email as a “Instant Messanger” for the most part. I still use email of course and yes: I will check my email on my phone – my personal cell phone that is.
Email can easily be ported outside the office to a Hotmail or Gmail account and you don’t have to be in the office to do it. There has always been an issue of how to keep company data in the company. After all, you’re paid to collect data for them. Taking a clients email or phone number can be considered just as bad if not worse than taking company equipment. IT can monitor and control data so they can take it away on a moments notice. But how many companies are really doing that and by not implementing, could that be costing companies precious dollars?
I have been in situations where people get to use their own equipment to save the company money. It gets to be a real headache because you have to sometimes draw a hard line on where to support the customer. However I have also seen it where those same computers have full client lists in excel files and email archives directly on the hard drive. All information I wouldn’t be able to retract if this person was asked to leave the company or if their computer fails.
Intermedia ran a survey that looked at enterprise mobile email practices. According to the more than 300 Intermedia users surveyed, 92% of end-users access business email on their mobile device. 30% are using company-provided devices and 47% responded that their companies do not manage security for employee devices.
Now let’s do the math here. Let’s say your company does One Million dollars in sales. They have 200 clients controlled by 10 sales people (20 people per sales person). The average client is bringing the company $50,000 a year.
Now reality states that one client would be at $100,000 while another might only bring in $20,000. Still, if they are bringing in anything, it would be a tough customer to lose because an employee is hoarding their information. I have seen it happen: Not only as a corporate theft situation, but also a “mis organization” situation.
Email is not only just taken, sometimes it is just simply lost – and it might not be anyones fault. Microsoft Outlook has this feature to Archive old email. It’s great to keep your main inbox down in size but it can also be a hindrance for those IT professionals who ignore that option. Auto Archive ends up putting older email into a file on the computer. The file is then deleted or the hard drive crashes and your older email is gone.
Sometimes, email is intentionally ported to another service. I also remember times where I was asked to set up a Blackberry account to send and receive company email. While it was highly trusted employees who had these devices, the data was still being moved off the company server.
It’s not about the employees loyalty to the company, but the fact that once someone sends the email, correspondence doesn’t go through company communication system. It goes through the Blackberry email servers and tagged only with their email addresses.
A lot of companies have placed policies to make employees aware of company theft in an electronic realm. However, Intermedia also reported that 33% stated they were unsure of their companies’ mobile email security policies – and they may have even read – And signed – that policy.
One employer I worked for had no policies in place. When asked why, I was told there was a struggle between HR and IT over the policies. To my knowledge, there still isn’t a policy at that company and the end result: employees can walk out the door with company information and no legal leg to stand on. Millions of dollars can end up either lost or even worse, taken over to a competitor.
So how can you keep your company assets safe? Well, if someone needs to access their email outside, give them company equipment. If it’s just email, then offer a web based solution. If they try to collect email, they will have most likely forward to a personal email address. This becomes recorded information on your web servers.
Create or Update your employee policies for annual renewal. Remember, a simple loophole could be a set of policies that an employee signed long ago and they are not aware of the changes, especially when technology changes. Signing annually lets you make changes and employees have no excuse when they sign them.
Disallow any personal device to access data that can be re-saved. Once again, forwarding an email to another account takes the original message off your servers. Any post correspondence may not be followable. If you must allow this, the employee should sign an additional waiver to allow IT access to their account at any time up to 6 months after the employee has left the company.
Set computer policies on email to make sure email doesn’t get Archived. If it does, then the archive is in a common place for IT to be able to retrieve. It is also properly labeled so there is no overlapping or confusion. There are legal implications where businesses can get fined for not producing an email in a legal situation.
Now you might be saying “Why should I do this? I’m such a small shop”. Well, reality is small shops can get hurt the worst. Whether you are a company that makes a thousand dollars a year or ten million – you don’t want to end up with a loss the next year. You definitely don’t want to end up with a loss due to a misplaced clients list or email.
The biggest way to control email usage and theft is simply education. Make the employees understand how to send a ‘good’ email that does not consist of a 2 to 3 word message. Email organization can also make people manage their email time drasticly. Ultimately they might not need to check their email outside the office.
Of course, every company works different. Sometimes you have to trust people to not doing something that could ultimately harm the company. However, being totally oblivious to the practices could – in the end – hurt you to the point where you have to sell out or even close shop.