Internet Newsletter for Lawyers
November/December 2006, by Delia Venables

Current Issues with Email - and some solutions
by Kieran Gilmurray

Note: There was also an article by solicitor Jeremy Holt on Staff Computer and E-mail Policies in the May/June 2006 issue, at www.venables.co.uk/n0605computerpolicy.htm. There was a downloadable specimen computer and email use policy (in Microsoft Word format) with that article at www.venables.co.uk/n0605computerspecimen.doc. The present article is a little different in that it takes an IT Director's view of the problem rather than a Lawyer's view.

Email is an essential business tool. Email is easy to understand. Email is attractive because the technology is a very close analogy for snail mail, which is universally understood. Nearly everyone has it or uses it. It works regardless of time zones, age, (dis)abilities or even language. Email works on MY time, not on YOUR time. Email can be accessed anywhere in the world from a desktop pc at home to an internet café in Kathmandu.

All this is largely because email enjoys the industry standard protocol of SMTP which ensures that any user in the world can use email, no matter what email client software they are running or what computer they are using (e.g. Linux, Mac, pc, telephone, PDA, etc.).

However, in spite of email’s almost universal success, it does not come without issues. This article looks at some of the issues - and some of the solutions.

Exposure to unwanted content and damage to corporate image

Anecdotal evidence suggests that most legitimate email is personal and non-business email even in a work context. How many joke emails have your received today? These may contain harmless humour but harmless humour to you or me may not be harmless humour to others. Some emails contain graphic images which are akin to pornography or contain descriptions of personal actions that should remain at the bedroom door. I think we all remember the details of an email doing the rounds last year of a lady performing a personal act on her boyfriend and the damage to reputation of both the individuals and the firms they worked for.

Risk of viruses resulting in financial loss or downtime

Most firms use Microsoft email technologies and these are the systems attacked most often. Virus programs can be relatively trivial (your address book contacts are mailed some random message) or can have significant damaging effects (your computer could become a spam relay point resulting in your email domain being black listed worldwide or your computer systems may stop working altogether).

Decreased productivity

Email is addictive. You know you have become addicted when you become agitated if you are prevented from checking your email for more than a few hours! Individuals constantly interrupt their work to check mail. Spam is a massive problem that accounts for more than 60% of email and obscures relevant messages. How many lotteries have you won this week? Email "harvesters" constantly circle the web hovering up unprotected email addresses from company web sites and these are sold on.

Data theft via industrial espionage

Before the age of computers, stealing information from a company involved lugging large quantities of equipment or paper past your colleagues or boss. Now, at the click of a button, the company contacts or accounts system can be emailed to your competitor.

Email is not a secure medium outside of a company unless using encryption methods

Many individuals think nothing of typing all sorts of things into an email that would feel uncomfortable whispering to their colleague a desk away. This can include contracts for business deals, corporate gossip, financial results or instructions from or to corporate clients. Email can easily be intercepted and read as it passes between computer systems on the internet.

Damage to personal reputation via emailing to individuals or groups

Hands up if you have ever sent a message without thinking to the wrong person! Everyone has done this. Email is immediate and cannot be retracted if sent outside of your corporate mail system.

Email is not guaranteed

We all think that emails get to the people we send them to each and every time. However, emails can be blocked by spam filters incorrectly configured, rules configured incorrectly, data corruption, mail server failures or incompatibility between mail systems.

Email makes us lazy and poor communicators

We depend on email systems too much. Rather than ring a person 3 desks away we are emailing them instead; a phone call, or even a personal chat, could be better. Do your clients or suppliers have a personal bond and loyalty to you from having spent time chatting to you as a person?

Some Solutions

There is no single magic bullet to solve all these problems. However, a proactive and multifaceted approach to IT and email security can help.

Treat email as a business tool

The email system is a business tool and should therefore only be used in an appropriate business like manner (even in the case of personal use).

So......

  1. Email policies should be documented, understood and enforced. Email users should be educated as to what they should or more importantly should not be doing and polices should be enforced through appropriate filtering software.

  2. Let users know that the email system is company property and not personal property from day one to minimise objections.

  3. Let staff know you are monitoring mail systems and that you do so to discourage inappropriate email usage and information theft.

  4. Set your company mail limits to permit emails of only a certain size into and out of your company to stop employees emailing databases home.

  5. Add an acceptable email and internet policy document to new staff members' company induction packs that they must read and require them to sign a confirmation sheet saying they have done so.

  6. Training in how to use (and not use) email systems should form part of company induction training. Employers must discipline and be seen to discipline employees for breeches of email policy. However, not all poor email behaviour is deliberate. Employees need training and help before you start waving a big stick.

  7. Encourage your suppliers and clients to use encryption software when sending emails to ensure privacy when sending sensitive emails.

Limit spam

External email computer companies can clean and filter email before it even gets to your network. Alternatively there are many desktop filtering packages on the market that can be trained to filter email effectively over time. When you do get spam, never respond to it or attempt to remove yourself from the list; this just tells the spammer that your address is functional! Functional email address lists are valuable property. Never request more information, do not click on any links and do not buy anything (if you have medical problems, go to your doctor)!

Limit email address harvesting

Email harvesters are automated software applications which roam the Internet in a similar method to search engine robots, they travel around visiting web pages and gathering email addresses to be stored in a database. Email harvesters are common. If your email address is displayed on a web page without protection, it probably won't take long for harvesters to find it. Some simple methods can be employed to limit this:

  1. Place contact forms online instead of email addresses.

    (Note from Delia: I disagree with this one - they could be called contact discouragement forms. Personally, I hate contact forms and never use them. What do other people think about this?).

  2. "Encode" the address using JavaScript so harvesters can't see it but real people can.

  3. Display the address using an image file so robot harvesters can't see it.

Email borne viruses

Many of the most common computer viruses or similar malicious software types are spread through email attachments. The virus is often launched when you open the file attachment, usually by double-clicking the attachment icon.

  1. Do not open any attachment unless you know from whom it has come and preferably that you are expecting it. Otherwise, delete it immediately.

  2. Use antivirus and spyware protection software and keep it updated.

  3. Use an email program with spam filtering built-in or employ a third party email cleaning company

  4. If you need to send an email attachment to someone, let them know you'll be sending it so theydon't think it's a virus.

  5. Keep your operating system and applications up to date wit appropriate security patches and fixes as security vulnerabilities are what viruses writers exploit.

Improve productivity

Many people leave their email client running continuously so they know when a new email arrives - which is the main reason why email affects productivity. If you leave your email client running, it means anyone anytime can interrupt what you're doing. Essentially someone else is picking the moments at which you pay attention (including some spammer offering some rubbish get rich quick scheme).

So.....

  1. Check email at fixed times such as before you start work, after a meeting, after lunch, before you go home, etc. Set aside time to do this. Just don't let others dictate the timing.

  2. Decide when you can email and when you should speak to someone face to face or on the telephone. For example, detailed technical discussions are better using face to face communications to prevent email tennis matches starting.

  3. Be judicious as who you send email to. Do you really need to cc everyone into an email who may only have passing interest yet may feel they need to respond or add their input?

  4. Simple emails which say "thanks" or "got it" or "see you at the meeting" are polite and part of normal human communication, but there is a limit. There is no need to reply "you're welcome", or "glad you got it", or "great, I'll see you, too" each and every time.

  5. Encourage communication face to face or on the telephone so such soft skills are not forgotten. A "no email Friday" once a week or once a month can help here.

Used ineffectively email becomes a liability but when used correctly, email becomes being an effective and productive business resource.

Kieran Gilmurray is the IT director of major Northern Ireland firm Wilson Nesbitt Solicitors, www.wilson-nesbitt.com.
Email kgilmurray@wilson-nesbitt.co.uk.

Back to Contents.