Is it safe to use webmail on work computers? Security Experts from Proficio and STEALTHbits commented on the DHS Using Webmail on Work Computers.
Brian Vecci, VP of Product Management, STEALTHbits :
“Third party email use has traditionally been disallowed for a simple reason: any system that’s not under the control of the organization is a risk. When someone sends an email using Gmail or yahoo, that information isn’t monitored by the organization, bypassing the policies and controls used to protect information. Just because Gmail itself hasn’t been hacked doesn’t mean that information is protected, since any individual user could have their account compromised and all of their email stolen. Since it’s outside the network and control of the organization, it’s extremely difficult for them to identify and mitigate any kind of breach. You can’t manage what you don’t monitor, and when your users are using Gmail to communicate, you can’t monitor anything.”
John Humphreys, CMO, Proficio :
“It was banned for a good reason. Hackers are always on the lookout for ways to infect key users’ computers and hijack their credentials. Private email services do not have powerful email scanning capabilities that identify malware and phishing attacks, making users more vulnerable to targeted attacks. Employees may consciously or unconsciously use their personal emails to send confidential information, thereby storing the emails outside the control of the organization without data encryption.”[su_box title=”About STEALTHbits Technologies” style=”noise” box_color=”#336588″]STEALTHbits Technologies is internationally recognized in cyber security and Internet threat detection/prevention. Its access management solutions are used by public & private sector enterprises to block malicious access to unstructured data such as email, file systems, presentations, etc. (≈ 80% of organizational data). By ensuring that only the right people can access large, highly-sensitive data pools, STEALTHbits helps customers cut risks and operational expenses, and fulfill compliance requirements.[/su_box][su_box title=”About Proficio” style=”noise” box_color=”#336588″]Proficio Inc. is a leading cloud-based Managed Security Service Provider (MSSP) changing the way organizations meet their IT security and compliance goals. Its solutions and expertise defend enterprise networks and applications from cyber attacks and help leading utilities, health providers and major corporations protect compliance.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.