Forwarding emails home puts security at risk, workers warned


Workers are undoing all the time, money and effort companies spend on keeping their corporate email systems safe by sending sensitive messages to personal accounts that can be easily breached, U.S security experts have warned.

A report in the New York Times has found that a growing number of internet-literate workers are forwarding their office e-mails to free web-accessible personal accounts offered by internet giants such as Google and Yahoo!.

This, security experts are warning, could mean corporate secrets leaking through the back door of otherwise well-protected computer networks.

"It's a hole you can drive an 18-wheeler through," Paul D Myer, president of security firm 8E6 Technologies, told the newspaper.

The difficulty is squaring the circle between corporate technical and security experts, who want tighter controls over internal company communications, and employees who simply want to get to their mail quickly.

The problem is becoming a growing issue as workers work on the move more frequently or take work home and so need to access company emails remotely.

So far no major corporate disasters caused by this kind of e-mail forwarding have come to light, but security experts are warning the risks are real, said the paper.

The flimsier security defences of web mail systems could allow viruses or spyware to get through, and employees could unwittingly download them at the office and infect the corporate network, it added.

Also, because messages sent from web-based accounts do not pass through the corporate mail system, companies could fall foul of federal laws that require them to archive corporate mail and turn it over during litigation.

"If employees are just forwarding to their web e-mail, we have no way to know what they are doing on the other end," said Joe Fantuzzi, chief executive of information security firm Workshare.

"They could do anything they want. They could be giving secrets to the KGB," he added.