Monday, January 15, 2007

Corporate Information as Reverse Spam

From the NYT - Firms Fret as Office E-Mail Jumps Security Walls.

A growing number of Internet-literate workers are forwarding their office e-mail to free Web-accessible personal accounts offered by Google, Yahoo and other companies. Their employers, who envision corporate secrets leaking through the back door of otherwise well-protected computer networks, are not pleased.

And it goes on about how the suspender-snapping punch-card set is all wound up because the people they hired are trying to work. And that their remote access solution probably sucks and doesn't meet their needs. You can go out and buy some sort of reverse spam filter that will process all the outbound e-mail for your corporate sensitive words. Once the offender is identified, you can then go mete out punishment. Of course you'll have to be watching for false positives. It's hard enough to create an accurate spam filter with the huge sample of spam processed through it, can you correctly identify all the corporate Type 1 and Type 2 errors?

The real answer is in the comment in last paragraph of the article:

“We have as high a security standard as any company,” said Ms. Bargero of Sendmail, “and sometimes it is just too difficult to access our e-mail.”

Bingo. If you design a system that is usable, you might not have this problem.

No comments: