Use of Email for Confidential Communication
I cannot stress enough that email is the electronic equivalent of a postcard. Unless the message is encrypted, it passes as readable text through every network and mail relay on its path, available to anyone with access to them, and the more networks it crosses, the more opportunities there are for it to be read. Even where the links between mail servers are encrypted, each relay still handles the message in the clear. Additionally, if a message is misaddressed or ends up in the wrong mailbox, you can unintentionally reveal information that should not be released.
After the message leaves your system, you have no control over who can read it or even whether it reaches its proper destination. Because of this, some organizations create policies that forbid including confidential or proprietary information in email. Others allow users to send confidential information among themselves but not to users outside the organization.
Encrypting Email for Confidentiality
The third option is a policy that requires confidential and proprietary information to be encrypted before it is transmitted. When a message is encrypted, only the intended recipient should be able to read it, wherever it travels or lands. However, the use and handling of encryption is not to be taken lightly. Issues such as key management, key recovery, and export restrictions are beyond the scope of an email policy. Although encryption policies are discussed later (see Chapter 9, "Encryption"), you can include a provision in your email policy requiring its use. For example:
Proprietary information sent to users outside of the organization shall be encrypted prior to its transmission. The use of encryption shall be consistent with the organization's encryption policies.
Digitally Signing Email
Another concern with email is that a message can be constructed to disguise its real sender. This is called "spoofing." The From address on a message is supplied by whoever sends it and is not checked by the mail system, so it can be set to anything. Although spoofing is used by those who send unsolicited bulk messages (spam), it can also be a tool in corporate espionage: messages sent to the organization's users appear to come from familiar sources in an attempt to convince them to reply with proprietary information.
Users can contact the purported requester through another channel to verify that they actually sent the request, but the culture of email is so trusting that this is rarely done. The reliable way to establish that a request is genuine is for the message to be digitally signed. A digital signature is produced by a cryptographic algorithm from the contents of the message and the sender's private key; the recipient checks it with the sender's public key, and any change to the message, or a signature made with someone else's key, causes the check to fail. Like encryption, detailed policies governing digital signatures are best left to the encryption policy statements (see Chapter 9). Again, you can include provisions in your email policy such as:
Any request for proprietary information shall be digitally signed, and the signature shall be verifiable by the recipient.
Users transmitting proprietary or sensitive information shall digitally sign the message so that the recipient can establish its validity and trace it to its sender.
The use of digital signatures shall be performed in accordance with the organization's encryption policies.
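To illustrate what these provisions rely on, here is an added example, written for this edition and not part of the original chapter: the sender signs the message headers and body with a private key, and the recipient verifies the signature against the public key the organization already holds for the claimed From address. Go's standard-library Ed25519 stands in for the S/MIME or OpenPGP certificates a real mail client would use; the Directory type, the example.com addresses and the message text are constructed for the example and are not taken from any real system.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"fmt"
)

// Message is a minimal stand-in for an email. The headers are included
// because the recipient relies on them to decide who is asking for what.
type Message struct {
	From    string
	To      string
	Subject string
	Body    string
}

// canonical returns the exact bytes that get signed: headers plus body, so a
// forged From or an altered request is detected, not only an altered body.
func canonical(m Message) []byte {
	return []byte(fmt.Sprintf("From: %s\nTo: %s\nSubject: %s\n\n%s",
		m.From, m.To, m.Subject, m.Body))
}

// Sign produces the signature the sender attaches to the message. Ed25519
// hashes the message internally, so the value is unique to these exact bytes.
func Sign(priv ed25519.PrivateKey, m Message) string {
	return base64.StdEncoding.EncodeToString(ed25519.Sign(priv, canonical(m)))
}

// Verify checks a signature against the public key the recipient already holds
// for the claimed sender. Malformed input yields false rather than a panic.
func Verify(pub ed25519.PublicKey, m Message, sigB64 string) bool {
	sig, err := base64.StdEncoding.DecodeString(sigB64)
	if err != nil || len(sig) != ed25519.SignatureSize || len(pub) != ed25519.PublicKeySize {
		return false
	}
	return ed25519.Verify(pub, canonical(m), sig)
}

// Directory maps a sender address to the public key the organization has
// verified for that person (a hypothetical stand-in for a certificate store).
type Directory map[string]ed25519.PublicKey

// Authentic reports whether m carries a valid signature under the key on file
// for m.From. Looking the key up by the claimed sender is what defeats spoofing:
// an attacker can type any From address but cannot produce a signature that
// checks out under the genuine sender's key.
func (d Directory) Authentic(m Message, sig string) bool {
	pub, ok := d[m.From]
	if !ok {
		return false // no key on file: the request cannot be verified
	}
	return Verify(pub, m, sig)
}

// Demo runs the three cases the policy is meant to distinguish and reports
// whether each is accepted. Addresses and text are constructed for the example.
func Demo() (genuine, tampered, spoofed bool, err error) {
	cfoPub, cfoPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return
	}
	_, attackerPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return
	}
	dir := Directory{"cfo@example.com": cfoPub}

	// 1. A genuine, signed request from a known sender.
	req := Message{
		From:    "cfo@example.com",
		To:      "eng-lead@example.com",
		Subject: "Q3 roadmap",
		Body:    "Please send me the unreleased product roadmap.",
	}
	sig := Sign(cfoPriv, req)
	genuine = dir.Authentic(req, sig)

	// 2. The same message with its body altered in transit; the original
	//    signature no longer matches the bytes the recipient received.
	altered := req
	altered.Body = "Please send the unreleased product roadmap to partner@attacker.example."
	tampered = dir.Authentic(altered, sig)

	// 3. A spoofed message: the attacker forges the CFO's From address and
	//    signs with their own key, which is not the key on file for that address.
	forged := req
	forged.Body = "Urgent: send the roadmap to my personal address."
	spoofed = dir.Authentic(forged, Sign(attackerPriv, forged))
	return
}

func main() {
	genuine, tampered, spoofed, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("genuine request accepted: %v\n", genuine)  // true
	fmt.Printf("altered request accepted: %v\n", tampered) // false
	fmt.Printf("spoofed request accepted: %v\n", spoofed)  // false
}
```

The point of the lookup in Authentic is that trust is anchored in the key the organization has on file, not in the From header the attacker controls; this is the "signature verifiable" requirement in the first provision above. In a real deployment the directory is a certificate store or key server and the signing format is S/MIME or OpenPGP, but the check the recipient performs is the same.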