Application security

Marshal: Corporate America needs webmail policy, enforcement

Nearly half of corporate employees say they are not limited by company policy from accessing their personal webmail accounts at work, according to a recent survey.

Forty-eight percent of 242 respondents to a web survey by email and web security vendor Marshal said their company does not regulate access to webmail accounts at work.

The survey identified Hotmail, Yahoo and Google's Gmail as the main webmail services used at work, adding that those services often circumvent corporate email content checks.

One-third of respondents told Marshal that employers have placed a total ban on non-company webmail services and backed up the regulation with blocking technology. Another eight percent said their employer condemns use of webmail services but has no technology for enforcement.

Bradley Anstis, director of marketing and product development for Marshal, told SCMagazine.com today that companies can be flexible and still employ email security.

"(Companies) can be more flexible, but they should be restricting access," he said. "And they should be restricting the content that's being downloaded, and they certainly should be restricting the content that's uploaded."

Mark Sunner, MessageLabs CTO, told SCMagazine.com today that companies are often in a tough situation when deciding whether to let employees use non-corporate email on the job.

"I think the employer is stuck between a rock and a hard place. In this day and age when people are asked to work longer hours, there is an amount of pressure to allow access to personal email as well as company email," he said.

Firms are now seeing a similar problem with instant messaging (IM) platforms, Sunner said.

"This counts for IM, and I think IM has even more problems for IT professionals, as its deployment is driven by the employees instead of the IT department," he said.

Scott Petry, Postini founder, CTO and executive vice president of product development, told SCMagazine.com today that companies beholden to Federal Trade Commission and other regulations have more robust email security rules.

"Across the customer space, we find that the companies that are being proactive about this are the regulated companies," he said. "And they're doing it for the programs, not for the security."

 Click here to email Frank Washkuch Jr.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.