Over the past couple of decades, email has become so commonplace that it is the automatic “go-to” for public and private sector communications. But lately, it seems that email has been in the news in a major way, to the point where intercepted or leaked email messages have proved to be important deciding factors in court cases and major political races.
Communicating via email is incredibly convenient. Many of us have attained acceptable typing speed. And, let’s face it, it feels secure, especially when sender and receiver are both in the privacy of their offices.
The advantage is obvious: a message can be sent whether or not the recipient is available to read it in the moment, allowing us to effectively drop the conversational ball into the other person’s court. For some, the thought of using a different means of communication rarely arises. I have at times participated in multiple emails over several hours to hash out a tricky issue or process a scheduling request, when a five-minute phone call would have sufficed. Using email, however, provides an automatic record of what was said, and may even provide clues as to the writer’s state of mind. Reviewing past emails is a great way to prepare for a meeting, a phone call, or a new email topic.
Articles abound, like this one, referring to law firms as the “soft underbelly” of computer security because of a tendency to prioritize convenience over security. But when sensitive information needs to be transmitted, ethics rules and some state laws dictate that it is the responsibility of the sender to take steps to protect that information.
Where does this leave us? First, we must take extraordinary care not to click on links and attachments that are even a little bit suspicious; the sophistication of phishing and other malicious email “spoofing” techniques is increasing. Despite stories of servers that are in non-secure locations and the occasional list of a firm’s Windows passwords posted on an office bulletin board, some firms are switching to encrypted email, at least for sensitive transmissions. I notice more and more email signatures that include an instruction for sending an encrypted file. I regularly hear of firms moving to completely hosted computing, removing sensitive data from the office altogether.
An interesting take on a move to greater security is discussed in a New York Times article published in July: namely, that if the government adopts more secure means of communication, the public would suffer from the resulting lack of transparency. That aside, if we are to stem the occurrences of intercepted emails and data breaches, offices need to explore available cybersecurity options and take action. This goes for the public sector as well. Some will want to encrypt email. Some will opt for cloud-based communication systems like Slack or Glip. Many options exist, including some that can be set to destroy messages after a specified interval.
Our consultants at Crosspointe have decades of experience in managing messaging and data, and we use Glip internally for messaging.. For an assessment of your firm’s risks and recommended solutions, contact Crosspointe Consulting Group at 877-357-0555 or email us at firstname.lastname@example.org.