Your work e-mail is about as private as a postcard. How can you protect it from prying eyes?
Rupert Neethling
The versatility of office computers makes it tremendously tempting to use them for purposes other than work. But if an employee abuses company resources, naturally the boss will want to know about it.
What lengths will your employer go to to ensure your productivity? And is there anything you can do to protect your privacy?
The electronic privacy of employees is an area of growing concern in the South African workplace, but much of it is still a legal grey area. Meanwhile employers can, and many of them do, monitor their employees’ computer-related activities.
If the computer in your office is Internet-capable and connected to the company’s Local Area Network (LAN), employers can see which websites you have visited and how much time you spent at each site. As a rule, staff e-mail is routed to a company exchange server before it is actually sent or received, and usually it is also scanned with off-the-shelf software aimed primarily at checking for viruses. But many of these software packages can also scan e-mail messages for flagged keywords, attachments (are you sending out your CV?) as well as the recipients of your e-mail.
Employers have justified their monitoring policies by citing examples of staff members who try to steal company information or client databases in order to start their own businesses.
But what about personal e-mail that has about as much impact on your productivity as the occasional conversation with a loved one on the telephone?
If you want to exchange e-mail with someone and you don’t want anyone but yourself and your recipient to read it, there are options like Hushmail (hushmail.com), an online service that offers free, 1E024-bit, end-to-end e-mail encryption by way of a small Java applet that you download from the Web. Hushmail reportedly offers the strongest e-mail encryption available anywhere.
ZipLip (ziplip.com), another free service, offers “snoop-proof”, Web-based e-mail. To access it, your recipient will need a password, which you have to give them beforehand. Your message is protected by 128-bit encryption (the strongest encryption allowed internationally to United States- based companies). A handy feature of the ZipLip service is that your message will be erased after 24 hours.
In many cases, protecting your e-mail could also benefit your employer: encrypting your discussions about current projects with clients, colleagues or suppliers can keep sensitive company information from falling into the wrong hands.
Regular e-mail has often been said to be as private as a postcard. A major reason for this is because e-mail does not merely reside unsecured on individual computers or company networks, but often also on several servers along the way to your recipient.
Bill Gates discovered this to his chagrin during the recent court case against Microsoft. If it had been available at the time, Gates may have been interested in the services of Disappearing Inc (disappearing.com), a newly established company specialising in “self-destructing” e-mail. Using the Disappearing Inc system, you can set your e-mail to become unrecoverable after a specific period of time – from seconds to years.
The advantage of this technology, at least, is something both employers and employees can probably agree on.