- Is the Cisco MARS mission going to abort?
- First iPhone worm spreads Rick Astley wallpaper
- 10 stunning 3D buildings made with Google SketchUp
- Open source software ready for big business
- Four reasons to buy (and one reason to avoid) the Droid
 |
 |
Mention the word "archive" in regard to corporate e-mail, and users get their hackles up. But IT managers are taking a tough stance: Messaging is not personal. "People rely on e-mail as a record of their life, but they should not assume that e-mail is a private form of communication," says Joanne Kossuth, CIO at Olin College in Needham, Mass.
The blurring of personal and business e-mail is a serious problem at companies today, says Mich Kabay, associate professor for information assurance at Norwich University in Northfield, Vt., and author of the "Network World on Security" newsletter. "Any e-mail message that is written on a corporate account should be considered written on company letterhead," he says. "It should not be taken lightly."
Personal e-mail contaminates corporate archives, wastes valuable resources, including storage space, and is a productivity risk, as it adds to the amount of time IT spends on managing the messaging system, he says.
Olin's Kossuth is just one of many IT managers trying to hash out policies for e-mail use. Driving this movement are high-profile lawsuits that involve e-mail evidence and an increased focus on federal and private sector regulations.
The Gramm-Leach-Bliley Act makes Olin responsible for all information on campus, with much of that information held in the college e-mail system. "We have to make ourselves compliant so we're not tagged by the auditor," Kossuth says.
To avoid any confusion about the public nature of e-mail, Olin has all users sign an acceptable use policy. "If there is an event, the institution has the right to search e-mail," Kossuth says.
Kossuth encourages everyone to use a Web-based account on Yahoo or AOL for personal communications. "There has to be delineation between personal and business," she says.
Another way she discourages personal use of the system is by setting storage limits on the server and the lifetime of messages overall. Each student is allowed 30M bytes of storage and then has to transfer data to local folders. Faculty and staff are not held to quotas, but are subject to the same archiving rules that apply to students. Olin does not keep messages on the server for more than 30 days, and then only archives them for six months, a time frame set by the college's senior administrators. The reasoning is simple: "If you keep messages around for long periods of time, you have to protect them and you face liability issues." If the college is sued, years and years worth of archived messages could be used for discovery, which would be a time-consuming and costly process, Kossuth says.
Like Kossuth, Andrew Kline, network administrator for The Reading Hospital and Medical Center in Reading, Pa., struggles with the personal use issues. From the get-go, he makes it clear to employees that they shouldn't use e-mail for personal stuff. "It's a productivity tool," he says.
Kline has new hires at the main hospital and 60 satellite locations sign an acceptable use policy for e-mail. "They understand we can look at anything at anytime," he says.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment