Is email still the best way to run your business?
Email is still the default way businesses communicate, but in a world rife with hacks and exploits, is email still safe?
Email is the default communication tool of choice for the vast majority of small, medium and large businesses. Twenty years ago, initial communication would be made by phone, faxes would be exchanged and original documents would be sent through the postal system. Email made life so much easier. Email solved everything, and we embraced it fully. But should we still be using email in business?
Obviously the answer is “yes”, because that’s what everyone else does, and your primary goal is probably to communicate with the minimum of fuss. But email isn’t ideal for every type of message you want to send – and it certainly isn’t secure. Thankfully there are alternatives, but can you use them with those who are potentially wed to email for life?
Show me your secrets
Email is like a postcard being sent (albeit very quickly) through the mail. Every person (or computer) who handles the message can read it. There’s no envelope to obscure the message or keep its contents safe. This means that sensitive information is exposed.
You have no secrets? I dare you to send copies of every letter and other correspondence that’s passed between you and your company’s accountant or chief Financial Officer to Pastebin.com. It’s nobody else’s business how you set up your company’s pension system or how you structure your accounts. And I can almost guarantee that someone in your organisation has sent a password to a business system over email at some stage. This is sensitive information that needs to be protected.
The obvious fix is to use encryption, but this is challenging even for IT professionals. Normal office workers struggle with products such as the oft-recommended GnuPG or PGP encryption products. Even security geeks struggle with it – have you tried using PGP on a smartphone?
Some email providers have woken up to the problems with email security and now provide encrypted connections, so when you send a message from a Starbucks WiFi network it’s moved to the email server in such a way that other users won’t be able to read the email or intercept your password. But once the email begins its travels over the internet, it will likely pass through unencrypted connections, at which point any information in the message is exposed.
Even if you’re an email security ninja, and have no problem juggling public and private GnuPG/PGP keys, your fellow correspondents will almost certainly lack your expertise. It’s guaranteed that at some stage someone will reply to your encrypted email and quote the clear text version of your secret message back to you, rendering your efforts useless and potentially flagging up that content as being particularly interesting (because you originally encrypted it, so it might contain juicy details)!
CC: Janet, John, Topsy, Tim, Bob, Alice, Eve…
Email’s convenience is so great that we often forget about its shortcomings. And these aren’t all about security. If you’re working on multiple projects with different groups of people, you should think twice about relying solely on email. It’s hard enough to follow an email thread with a few people contributing and replying to all. It becomes hard to track the conversation as replies don’t always appear in a logical order.
For example, someone might write their reply while offline. Their message turns up later, after other people have contributed to the discussion. This can cause confusion at best. If people don’t pick through the timestamps of each message carefully, the scope for miscommunication is vast. Alternatively, if enough people are being CC’d, there’s a temptation to ignore the entire thread because clearly someone is paying attention to whatever issues are being discussed and you can quietly get on with other things. Then you have a communication breakdown.