Friday, December 10, 2010

E-Mail is the Big Security Culprit

A new report from software vendor Awareness Technologies points to personal email services like Gmail, Hotmail and Yahoo Mail as being "increasingly responsible for the accidental or deliberate loss of customer and corporate data."

Some companies ban such personal email services, but many do not. These services are all web based, and subject to a high degree of pressure from hackers, who have developed techniques to capture login IDs and passwords and then go in and seize the data either in the body of the messages or in attachments to them.

The findings resulted from a survey of data breaches at more than 10,000 sites. The survey also indicated that most of the data breaches could be traced back to the fault of employees, who were either poorly trained or gullible enough to fall for phishing expeditions.

One approach is to ban the use of personal email services on corporate computers, but this doesn't work well in today's environment since many employees mix their personal and business accounts. In addition, they often use their own personal computers or other devices for business purposes, and this is a growing trend.

Another approach is to embrace the use of personal email services and train the employees in their proper use and awareness of the threats that exist.

Since breaches arising from personal email services now outnumber those arising from the abuse of USB ports, previously the leader, email controls are more important than ever before.

For a report on the Survey, please check out this link.

No comments: