Email Security Issues
The independent, non-profit Electronic
Privacy Information Center has an Online
Guide to Practical Privacy Tools that has links to a variety of products for
protecting your privacy.
Email Spying - A program that allows the
sender of an e-mail message to see what has been written when the message is
forwarded with comments to other recipients.
Solutions to email retention and electronic discovery issues?
Authentica, Inc., announces the launch of a
free Web service that lets users easily and securely share valuable digital
information and actively control how it is used by recipients after
service you can:
the printing, copying or forwarding privileges that you give to recipients
these privileges anytime - even after delivery
recipients' access to a document, even after it's on their desktop
all copies of a document regardless of its location (e.g., on recipients'
desktops, back-up media, etc.)
the activity of a document throughout its lifecycle
Email, analogous to a paper shredder, expires messages according to user or
corporate determined schedules."
Email encryption programs - See the PC
World article on antivirus utilities, firewalls, file encryptors, and other
PC protectors. 3/27/01
PGP Security offers a
variety of security products, including email
encryption products. Versions range from freeware with no support for
personal use to full enterprise solutions.
ZipLip - "was
started with the goal of providing highly secure yet simple and usable
messaging solutions for both businesses and individuals. ZipLip, Inc. provides
advanced, secure messaging solutions for global enterprises, service
providers, and businesses worldwide. ZipLip delivers enterprise applications,
tools and interfaces that enable secure communications between users and
applications, both within and outside the firewall. ZipLip also operates a
service portal at ZipLip.com
that was the first to offer free, secure, web-based email and today serves the
email needs of hundreds of thousands of users worldwide."
"is a simple solution to the increasingly critical problem of security and
privacy on the Internet. . . . To your employees, vendors, and clients, ZixMail
is just the easiest and most affordable way to send email that's private,
secure, and certified."
Email Monitoring - While few
employers have people actually monitoring employees' communications on an
ongoing basis, electronic tools are making it more feasible to do this. That
doesn't, however, mean that employers should take advantage of every tool
2/05/01 - "The Privacy
Foundation has recently learned of an exploit that allows the sender of an
e-mail message to see what has been written when the message is forwarded with
comments to other recipients. We have nicknamed this problem "e-mail
wiretapping" because the exploit allows someone to surreptitiously monitor
written messages attached to forwarded messages.
Some of the possible ways that this exploit might be used include:
Monitoring the path of a
confidential e-mail message and written comments attached.
In a business negotiation
conducted via e-mail, one side can learn inside information from the other side
as the proposal is discussed through the recipient company's internal e-mail
A bugged e-mail message could
capture thousands of e-mail addresses as the forwarded message is sent around
particularly those based offshore, may seek to offer e-mail wiretapping as a
Read the complete
article, including detailed directions for configuring email programs to
reduce this risk.
Last updated: 05/07/01