It really depends on the nature of the data being transferred. In the organization I work for currently we have taken the time to numerically weight all data in order of privacy concerns. Email traffic happened to come up high on the list and we took steps to ensure that when possible all email to and from remote offices, business partners and others be routed via our private network. In addition PGP was issued to those who regularly transferred or even dealt with privacy act information. (Grrr NA).
If your foresee data being transferred by email which should only be read by the intended recipient you shouldn't be using email to transfer that data -- but more importantly you most definitely shouldn't be using email to transfer that data over the internet. Now... All of this goes under the assumption that you are using no form of digital signatures or encryption on the data stored within said email. Re: Web Mail. -- It depends on a number of factors. Are you using SSL from client -to-> webserver? Are you storing any of the email local to web server? If not, are you locating the webserver outside of your firewall while your email servers sit inside (only allowing access to port 25 to them). In general however - Yes using this method would be MUCH prefered to simply forwarding the email to a system at which you maintain no control. > -----Original Message----- > From: Marcus James [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, June 26, 2002 6:44 PM > To: [EMAIL PROTECTED] > Subject: email fowarding > > > > Here's the situation: > > One of the companies I work at enables certain users to > foward their email to an external address of their choice. So > internal email sent to an employee may be fowarded externally > to a hotmail account for example. What I am trying to > determine is what the best practices are in this regard. My > gut-feel says that this is not a good idea since email is > "inherently insecure" and may be intercepted and so on and so > forth. But on the other hand is this such a big deal? I'm not sure. > > A second question: Would forcing users to use a web interface > to access their email instead be "more secure"? > > Thanks... > -- > __________________________________________________________ > Sign-up for your own FREE Personalized E-mail at Mail.com http://www.mail.com/?sr=signup Save up to $160 by signing up for NetZero Platinum Internet service. http://www.netzero.net/?refcd=N2P0602NEP8
