The new security threats faced by larger companies are not from any Trojan program but from the outbound e-mails by their own employees. Many companies are afraid of such e-mails leaking out their confidential information, resulting in legal, financial, or regulatory risks. And to prevent such data leaks, more than 40 percent of the companies in the U.S. and Britain are recruiting staffs to scrutinize outbound e-mails, says a study which was commissioned by the e-mail security provider Proofpoint and conducted by Forrester Research.
More than a third of the U.S. companies surveyed said their business was hurt by the exposure of sensitive or embarrassing information in the past 12 months. And nearly one in three U.S. companies surveyed said they had fired an employee for violating e-mail policies during this period and estimated that about 20 percent of outgoing e-mails contain content that pose a legal, financial, or regulatory risk.
“What folks are concerned about is confidential or sensitive information that is going out,” said Gary Steele, Chief Executive Officer, Proofpoint.
Among the many concerns of these companies, protecting the financial privacy and identity of customers stood at the top, followed by compliance issues and a bid to prevent leaks of confidential matters.
Apart from e-mails, the companies are also worried about employees leaking company information on their blogs, message boards, and media-sharing sites like YouTube.
These companies do not hesitate to take disciplinary action against employees who violate e-mail related rules, and 11 percent of the surveyed companies have done so in the last year.
The study also said that 14 percent of publicly traded companies investigated leakage of material containing financial information, such as unannounced financial results, on blogs and message boards.
Is it such an important topic to deal with? While 57 percent of the U.S. companies surveyed said reducing risks associated with outbound mails is very important, 50 percent of the companies in Britain also said the same.
The survey gathered responses concerning e-mail security from 406 companies with more than 1,000 employees in the U.S. and Britain.
Though the companies are adopting a lot of measures to tackle the issue, there is a need to draw a discretionary line to demarcate the limit between private details of employees and official data, which companies need to protect.