Tuesday, December 8, 2009

Filled Under:

Companies filter emails of staff to prevent data transfer

Any technological innovation can be used or abused. Unfortunately, many observe that mobile phones with cameras as well as internet facilities are more abused than used.

While Indian conglomerates are yet to bar the use of mobile phone cameras within office premises, they have started filtering mails being sent by employees to avoid transfer of key data or information to the enemy .

While some like the cigarettes-to-hotels & FMCG conglomerate ITC ensure that mails being sent by colleagues get approved by department heads, others like IVRCL Infrastructures & Projects are looking to impose these safety guards in its wholly-owned subsidiary company Hindustan Dorr-Oliver as it is involved in technical and complex work.

Said ITC Ltd CIO VVR Babu: “External email access in ITC is given to users based on specific approvals. Use of IT facilities including email is governed by the Employees Code of Conduct. Since our emails are archived, mails can be accessed and reviewed post facto by the user’s manager in case there is a need to do so.”
“This apart, we do not allow users to access external mail sites such as Gmail, YahooMail, Hotmail, Rediffmail, etc. from the ITC network for security reasons ,” Mr Babu added.

A leading IT security firm Websense’s spokesperson Manish Bansal concedes: “As much as 70-80 % of information leaked happen inadvertently. That is why a strict check on mails are a must for companies. There are instances where employees of a certain department have leaked classified information to colleagues of other departments.”
Adding, Mr Bansal said: “Organisations which keep a tab on their email systems define what breed of information can be termed as essential to a firm. These are carefully monitored. There are softwares that scan every mail — both outbound and inbound. IT service firms and financial organisations dealing with customer data as well as telecom companies are ones that use the monitoring system on a regular basis.”

Asked whether use of such software slows down the mail systems, Mr Bansal said: “Current day softwares are dynamic enough not to slow down systems .” Some like IVRCL Infrastructures & Projects have not felt the need to filter mails being sent by its employees.

“We are, however, looking to impose these safety guards in group company Hindustan Dorr-Oliver as the firm works on far more technical and complex projects,” E Sudhir Reddy, chairman & managing director , IVRCL Infrastructures, pointed out.

Elaborating further, Mr Reddy said, “Many of the processes being used by Dorr-Oliver are patented. In the past, Dorr-Oliver lost out because these processes were either transferred surreptitiously to the enemy camp or were retained by the fabricators and subsequently , used the processes to execute other projects. Past experience suggests that we put a strong system in place as far as Dorr-Oliver is concerned.”

“Chip design companies, manufacturing entities, healthcare firms, BFSI and software development companies even control use of USB drives, CD/DVD or uploading of data to the net either through mail or any other system . If an employee tries to upload sensitive company information, the system automatically blocks it and the company’s IT department can pin him down,” said Kartik Sahani, country head McAfee, another leading IT security firm.

“At Novartis, we have a code of conduct to which all employees are party as also an information security policy which clearly lays down the dos and don’ts to be followed by employees with regard to all information they come in contact with by nature of their jobs. While we do not bar employees from using other mail systems, we expect employees to not misuse company time and resources. In case an employee is found guilty of such misuse, he/she could be liable to disciplinary action,” said Ranjit Shahani, vice chairman & managing director, Novartis India.

The firm, however, restricts use of mobile phones with cameras in certain areas where there is a risk of data getting transmitted outside the company.

Does all this mean Indian conglomerates and business houses may soon restrict use of camera phones within office premises? Who knows!

0 comments:

Post a Comment

Blog Archive