Blogger: Mike Gotta
I'd like to add some additional context to a recent post by Eric Maiwald in our SRMS group. Eric brings up a very good point: organizations cannot assume that adopting a hybrid model that splits e-Mail services across a hosted and an on-premises topology makes them safer when it comes to protecting sensitive information. With relative ease, people can expand the group of message recipients to include people whose inbox resides on the hosted system (on purpose, inadvertently, or as part of a "back channel" conversation with a co-worker). That action defeats the intent of keeping sensitive information "on premises".
Then again - it all depends.
First, e-Mail systems include more types of data than just e-Mail messages. There are calendar entries, task entries, and contact information, for example. You might even add unified messaging to the mix as well. Second, while it is true that e-Mail "is information on the move", it is also very true that e-Mail systems are a core piece of an organization's information management duties once a message rests in an inbox. e-Mail is also often classified as a type of business document, not only because of attachments, but because people compose "documents" in e-Mail that make it a critical business artifact. Calendar entries may also have attachments and contain sensitive information regarding appointments and attendees. Workflow information and contact information also make e-Mail systems critical information systems beyond their messaging roots. As e-Mail products have improved over time, many modern topologies are more centralized than they were years earlier. Increased use of e-Mail and reliance on more centralized e-Mail "farms" has made information and storage management (as it relates to e-Mail systems) a top priority for many organizations. The reason I point this out is that we need to expand Eric's point beyond the flow of messaging. When e-Mail is not on the move, it is at rest. In fact, I imagine most e-Mail "rests" more than it "moves".
So are we more or less safe with the idea of a split configuration? I think the answer remains "it depends".
What would Xobni say? That might sound like an odd comment at first, but let me explain. Given my research in social networking, I have been examining Xobni (and similar tools) for some time. When this topic came up internally, I looked at my Xobni statistics and discovered that my top e-Mail "partners" were my own team members. I'm pretty sure that held true for me when I worked at Meta Group. I think it might hold true for a lot of people.
So back to the topic: it would make sense to identify and understand e-Mail usage patterns (including calendar, tasks, and contacts) before making the decision on a hybrid approach. Eric brings up a good point: you cannot assume that you are better off. Then again, you might be, especially if the groups that would be part of the on-premises e-Mail topology are inwardly focused to a large extent in their usage patterns for e-Mail, calendars, tasks, contacts, etc. This still does not eliminate the question Eric raises, but it may be a minority concern in some instances. You may find that a significant amount of email messaging within teams and groups of various kinds is informal and reflects "flow of thought", as opposed to the more formal messaging that is sent out in broadcast form or as directed messages to other teams.
The key point: perform email messaging analytics to determine sender-receiver patterns and the type of messaging content being shared. To Eric's point, don't assume that you cannot shift that group to a cloud, and don't assume that you are safe just because email does move around and is stored in a variety of inboxes; but also recognize that intra-group messaging can be dominant and can contain information the team never shares outside its own group.
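As an added illustration of the sender-receiver analysis recommended above (this is example code, not part of the original post or any Burton Group tooling), the script below takes a constructed directory and message log and reports, for each "sensitive" department, how many messages stayed inside the department versus crossed to or came from a mailbox hosted outside the on-premises system. Mailbox addresses, departments and the hosted/on-prem labels are all assumed placeholders; a real run would feed in message tracking logs from the mail system.

```python
from collections import Counter

# Constructed sample directory: mailbox -> (department, where the mailbox lives).
# Placeholder addresses, not real data.
DIRECTORY = {
    "hr1@example.com": ("HR", "on-prem"),
    "hr2@example.com": ("HR", "on-prem"),
    "fin1@example.com": ("Finance", "on-prem"),
    "eng1@example.com": ("Engineering", "hosted"),
    "eng2@example.com": ("Engineering", "hosted"),
    "sales1@example.com": ("Sales", "hosted"),
}

# Constructed message log: (sender, list of recipients). A real analysis would
# extract these pairs from the mail system's message tracking logs.
MESSAGES = [
    ("hr1@example.com", ["hr2@example.com"]),
    ("hr1@example.com", ["hr2@example.com", "fin1@example.com"]),
    ("hr2@example.com", ["eng1@example.com"]),            # HR -> hosted mailbox
    ("fin1@example.com", ["fin1@example.com"]),            # note to self
    ("fin1@example.com", ["hr1@example.com"]),
    ("eng2@example.com", ["hr1@example.com"]),             # employee -> HR
    ("sales1@example.com", ["eng1@example.com", "eng2@example.com"]),
]

def lookup(directory, addr):
    # Assumption: an address missing from the directory is external, and
    # external mail is never on-premises, so treat it like a hosted mailbox.
    return directory.get(addr, ("external", "hosted"))

def flow_report(messages, directory, sensitive):
    """Per sensitive department, count messages sent, messages that stayed
    entirely inside the department, messages with at least one hosted
    recipient, and messages received from a hosted sender."""
    stats = {d: Counter() for d in sensitive}
    for sender, recipients in messages:
        s_dept, s_loc = lookup(directory, sender)
        r_info = [lookup(directory, r) for r in recipients]
        if s_dept in sensitive:
            stats[s_dept]["sent"] += 1
            if all(d == s_dept for d, _ in r_info):
                stats[s_dept]["intra"] += 1
            if any(loc == "hosted" for _, loc in r_info):
                stats[s_dept]["to_hosted"] += 1
        if s_loc == "hosted":  # inbound from a hosted mailbox into a sensitive dept
            for d in {d for d, _ in r_info if d in sensitive}:
                stats[d]["from_hosted"] += 1
    return {d: dict(c) for d, c in stats.items()}

def hosted_crossing_ratio(report, dept):
    """Fraction of a department's outbound messages that reached a hosted mailbox."""
    sent = report[dept].get("sent", 0)
    return report[dept].get("to_hosted", 0) / sent if sent else 0.0
```

The ratio for a department that is mostly inwardly focused will be low, which is the case the post argues may make a split topology reasonable; a high ratio, or a large `from_hosted` count, shows the boundary Eric describes being crossed routinely.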
Security and Risk Management Strategies Blog: Risks Around Hosted Email
Email is information on the move! It is different than information at rest.
In talking to analysts in Burton Group's Collaboration Strategies Service about one of their talks at Catalyst, I heard a very disturbing idea. We were discussing hosted email, and one of the analysts, Bill Pray, mentioned that enterprises moving toward hosted email (email in the cloud) were keeping "sensitive" departments (HR, finance, etc.) on internal email systems. The reasoning was that these departments dealt with sensitive information and therefore should not be included on a hosted system.
But wait! This assumption may sound right on the face of it, but it does not hold up under further analysis. Back in (ancient) history, information was stored in filing cabinets. Cabinets in HR and finance were locked to prevent unauthorized people from seeing the information. As we moved to a more computerized environment, sensitive departments were given their own file servers so that all of the sensitive information was stored together and the number of people authorized to access the files was limited. This worked because the information was at rest.
Email is information on the move and violates this base assumption. You can segregate the email of HR, Legal, Finance, and other sensitive departments to protect it, but as soon as someone sends email out of the protected environment, all bets are off! Most email is likely to be between team members, but not all. Just think about HR. Employees may send sensitive emails to HR people and vice versa. The sensitive information then exists in the whole email system, not just within the HR email system. The same is true for any of the other departments as well.
Don’t just assume that the paradigm used for information at rest works for information in motion. You have to treat them differently!
Of course, the bottom line for very sensitive information is: Do not send it over email in the first place. If you absolutely, positively, have to send very sensitive information over email, use some type of encryption mechanism along with a strong authentication mechanism to protect it.