Security Experts:

The Risky Business of Company Email - Are Limitations Threatening Security?

According to recent research conducted by Mimecast, while 71% of employees understand the risks, 47% still feel that it’s okay to use personal accounts to send work emails. The goal of Mimecast’s Generation Gmail Research project is to reveal how email is used by employees across the globe. And, in this particular segment, how attitudes about work email are changing and how progressive employers are managing this core communication channel.

Company Email UsageThe research found that 79% of all employees send work emails from their personal email accounts, with 1 in 5 saying they do this on a regular basis. Awareness of the security risks this behavior poses does not act as a deterrent: 71% of people questioned recognize that there is an additional risk in sending work documents outside the corporate email environment, but 47% of these same respondents feel it is acceptable to send work emails and documents to personal email accounts anyway.

The most important conclusion that can be drawn from the report is that IT departments worldwide are fighting a losing battle in seeking to constrain employees’ behavior through policy alone. Today’s information workers, or “Generation Gmail,” want the same flexibility with their workplace email as they have with their personal email -- when they don’t get it they resort to using their personal email for work.

What’s the solution? The findings call for a new approach: empower employees while protecting company data and ensuring compliance.

While IT-imposed limitations drive employees to use personal accounts, simply moving from a “controlling” to an “empowering” environment won’t cut it. Why? Because only 40% of respondents said they would be less likely to use their personal email account for work purposes if they had an unlimited work mailbox. So, it appears that a technological solution is also needed to ensure compliance and reduce the need to work around the limitations of corporate email.

Additional key findings of the research included:

• 66% of employees responded that email is their favorite means of communication.

• When asked what the reasons were to use personal accounts for work purposes, 71% responded that it was to work on documents remotely, 21% said it was to send files too big for their company mailbox; 18% wanted to take documents with them when they left a company; and 9% simply didn’t want to carry their laptop home.

• Only half of email workers (54%) say that their company has an email policy, 29% say there is no email policy and 1 in 6 (17%) don't even know.

• At companies where email policies exist, 42% of these policies cover email management and only 30% include issues relating to email retention. Most policies are related to the appropriate use of email (88%) in the business.

• 4 in 10 (40%) of corporate email users think that their organization’s email policy could be better communicated.

• When asked to rank their biggest frustrations with work email, 39 % of respondents said managing mailbox contents to keep it within certain limits; 25% were frustrated about messages saying their mailbox was full; 17% felt the inability to send/receive messages when over a size limit was frustrating; 15% were frustrated that they had to send emails to personal accounts; and 6% were frustrated by having to use tools like YouSendIt to send large files.


Peter Bauer, CEO and co-founder of Mimecast states, “Getting employees to care about this risk is only part of the solution; employers must take responsibility for closing this disconnect through a holistic effort encompassing email systems, policy and culture. The most progressive companies will be those whose email systems and policies support the needs of both the business and its employees.”

Read More in SecurityWeek's Email Security Section

view counter