AMA Current Issues Forum Identifies Business Threats from E-Mail

E-mail misuse and abuse puts an organization’s assets, credibility and future at great risk every day. Members and customers learned how at a recent half-day Current Issues Forum at AMA’s Executive Conference Center in New York City on June 26, 2003. At the program, experts in “Understanding E-Mail Rules and Risks” identified the challenges and opportunities from use of e-mail.

The threats to businesses from e-mail include viruses and malicious software, employee sabotage, legal liability, dissemination of proprietary information, spam. There are also challenges for management in records management, security, privacy and much more.

Nancy Flynn, founder and executive director of the ePolicy Institute and author of E-Mail Rules and The E-Policy Handbook, explained that the antidote to the electronic woes requires the adoption of the “three E’s”:

  • Establish rules and policies
  • Educate the workforce about risks and policy compliance
  • Enforce the rules

Flynn listed the ingredients of an effective e-mail policy:

  • Spell out clearly what employees may, and may not, communicate via e-mail.
  • Notify employees of management’s monitoring policy.
  • Spell out penalties for noncompliance.
  • Establish language guidelines for e-mail senders.
  • Include training about safeguarding trade secrets and the transmission of confidential information.
  • Require signature of employees on a personal responsibility statement.

Once an organization has formulated its policy, it should set up an appropriate training program for all employees, ensure that the policy rules are understood by all and then follow through by enforcing the policies throughout the organization.

Alan E. Brill, senior managing director of Kroll, The Risk Consulting Company, and founder of the firm’s Global High-Technology Investigation Practice, told meeting participants, “Any organization that does not have a 100 percent handle on e-mail storage is at risk. Today,” he continued, “computers have long memories, even when you get rid of them or their data. ‘Erased’ does not mean gone. ‘Reformatted’ does not mean gone. Sophisticated new systems make it possible to search and find relevant data in a universe of terabytes of e-mails, instant messages and files.”

Ken Sokol, senior product marketing manager at Clearswift Corporation, stressed that the goal of any effective business e-mail policy has to be prevention. Organizations can set up software systems to monitor employee e-mail to find banned words and phrases and inappropriate images. Employees whose e-mails contain inappropriate content can then be warned about their behavior before the organization is exposed to greater risk.

Participants in the program learned that the world of electronic communication and its regulation are growing even more complicated. The National Association of Securities Dealers (NASD) recently decreed that member firms must retain instant messages for at least three years. Other industries will no doubt follow suit.

The program followed up a major survey sponsored by AMA, with the e-Policy Institute and Clearswift, that three-fourths of those surveyed had written policies concerning e-mail but fewer than half trained their employees on those policies.Click here to read the complete results of AMA’s 2003 E-mail Rules, Policies and Practices Survey.

Training Seminars Held Nationwide Including:
BostonNew YorkWashington, DC AtlantaOrlandoChicagoDallasHoustonLas VegasLos AngelesSan Francisco