Share this refresher course on how to use e-mail in a security-conscious manner Pass It OnUsed improperly, e-mail can create all manner of problems, from lost intellectual property to sexual harassment claims. Share this refresher course on how to use e-mail in a security-conscious manner.Think of e-mail as a postcard, not a letter. Your e-mails can be inspected by the company anytime before or after the message is sent. Refrain from gossip; speculation on business ventures, partners and competitors; off-color jokes; sarcasm; and attacks.E-mail is no place for IP. Keep sensitive corporate information and intellectual property out of e-mails unless it’s encrypted and you have approval to send it. Use encryption and a certification mechanism when sending sensitive data outside the company.Give it time. Reread an e-mail before sending it. If possible, save it as a draft and reread it later. The time will give you a critical eye to its content and tone.Know your mailing lists. Content must be appropriate for everyone on a mailing list. So if the “Project Team” list includes contractors, the information in the e-mail must not be off-limits to those folks.Know your addressees. Before sending, check all addressees to make sure that your e-mail’s autocomplete address feature didn’t add someone to your list who you don’t want on it. Use the “bcc” field so recipients don’t see everyone’s e-mail and you won’t start a flood of unnecessary “Reply All” messages.Use plain text first. Cater to the lowest common denominator among recipients. Text-only e-mail is always preferred. Use HTML only when necessary.Stay out of the forwarding business. Chain letters, spam, jokes, audio and video clips, and other Internet-culture phenomena are verboten. Know the company’s policy for “office spam” as well (for example, “Mary in Accounting has furniture for sale”).Don’t be subtle. E-mail is blunt. It does not convey well nuances like sarcasm and frustration. Be clear and concise; it could be misconstrued as anything from a personal attack to inappropriate flirtation.Use common sense. If something doesn’t feel right, stop before you send. Consult your CISO. Or simply try again.Source: Ken Pfeil, a former CSO and now CIO of echelon one Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe