This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
People today are very quick in grasping all the new technologies available that can improve the ability and speed of communication. Electronic mail commonly known as email is one of the recent tribute to the evolution of new technologies. Email is used to send and receive the messages or important information in the form of digital messages. Earlier the email systems required both the sender and receiver to be online at the same time to send and receive the messages. But today the emails do not require both the users to be online at the same time, it uses a store and forward policy through which the user can store the email and forward it at any time. The email can be used to send messages and attachments containing proprietary information.
With the increase in the usage of email many privacy issues have come into the picture. The user needs to know the difference between internet email system and the internal email system. Internal email system is an application that can be used to send emails within the organizations network. Whereas the internet emails travel along the stored networks and during this transmission time there is a possibility for the intruders to read or even modify the content in the email. In order to protect the data the organizations have to establish an email security policy including special policy considerations.
Rules for Using Email
Today each and every person is using email but the question is, are we using it appropriately. Most of us do not know the rules that have to be followed to send an email. In order to make the best use of it we have to use it carefully and cautiously. Many people have proposed a set of rules that can be followed for effective communication; few of them are listed in this paper.
An email has to be precise and should me written accurately up to the point. The email has to be short because it is very discouraging to read long emails and the user might feel bored to read.
Using proper grammar and spellings is most important because conveying the message properly is the most important part in a business. Messages without proper punctuations are very difficult to read and sometimes they even change the meaning of the message the sender is intended. As all the emails have a spelling check option using it would be very easy.
Templates can be used for frequent mails. For example we frequently get questions like what is the address of your office. Saving the replies for frequently asked questions as templates would be helpful to give response. These templates can be saved in word files or pre-formatted emails.
Do not attach unnecessary files because too large attachments can annoy the customers, if possible try to compress the attachments. The sender should have a proper virus scanner to avoid sending documents full of viruses to the customers.
Create your signatures because having a signature looks more professional and gives the receiver a good impression.
Whenever while giving reply to any email, the original mail has to be included in your reply so that the receiver will understand which email you are replying for.
An apt and meaningful subject has to be used for the email. Many people tend to ignore the subject but it is very important as it saves the time of receiver in understanding your request.
Avoid sending confidential information through emails because they travel along through many networks and there is a chance for intruders to get your information.
Never copy or forward an attachment to other without the permission of the originator as it may include his private information.
Send acknowledgements to all the emails that carry important information so that the sender would be certain that you have received it.
Administration of Email
The policies any organization follows in order to handle the emails is as important the proper usage of a system in an organization. The policies followed by the organization have to be answerable to the accusations that can be very embarrassing to the organization. Most of the people do not take the consequences caused by the emails very seriously but it is a serious concern as it involves high profile scenarios and many privacy issues with the email. The email policies followed have to allow appropriate alertness for the users and administrators.
If the organization get the email services through outsource, it has to make sure that the service provider ensures to manage the service and follow the agreement. If the organization uses online service providers, the policies mainly concentrate on usage and has a very little to say about the administration. 
Establish the Right to Monitor Email
The most used universal application of internet can also be very dangerous. Email is used to transmit sensitive and important data, cause annoyance bother others, engage in illegal activities and cause security problems.
Technology now helps the employers to keep a track of all the communications going on in the work place. But few employees take advantage of this tacking system and try to read the emails of other employees. All these issues can be resolved and reduced if the organization monitors its flow of emails and the content in the messages, as well as collect the messages so that any issue can be examined with its help. This monitoring helps the organization to keep the track of all the emails and scanning can be used as the basis for these policies.
Now there raises a question, is email monitoring legal? Definitely the answer is yes, but only when the company has implemented a written email policy which warns its employees that their emails are being monitored and they cannot expect to have privacy.
Handling and Archiving of Email
Handling of emails mainly deals with the handling of traffic and flow of mails. It also has control over the data that is being transmitted through the mails. Few organizations restrict their employees by not allowing attachments through their mails which can help to protect the important information of the organization. The policies also include archiving of emails
Email archiving helps in preserving the mails sent from one person to another person. This archiving can be performed directly from the application itself or while transmitting the mail. After collecting the mails the messages are stored and then indexed so that it would be easy to search them when required. Many companies adopt these methods to protect sensitive data. Policies of organizations defer depending upon the storage type and duration for which the documents are saved. For example a companyâ€™s policy document can be in as follows:
The organization will archive and withhold all the emails that are sent through its server. The archived data will be stored in an online storage medium. After duration of six months the administrators are going to move the data from an online storage medium to an offline storage medium and then all the data from the online storage medium will be removed. Later on the organization will retain the data for two years or for longer period in the offline server depending upon the requirement of the management.
For large organizations it is a problem while writing a security policy for archiving and retaining the data. So it is required to have a policy different from what generally an organization has. In such scenario the company can write the policy in the following way:
The organization will change its policy to comply with allowed agreement. And the organization will notify its employees prior to the changes.
In the past few years viruses are widely spread through emails as a solution to this problem many administrators have decided to introduce virus scanning mechanisms to the networks. But the question that raises is â€œIs it legitimate to introduce virus scanning capabilities without having a policy?â€
In this world it is not authorized to do anything with private information without having a policy. Content-scanning policies are few such policies which allow the organizations to read the contents in the emails of their employees. Most of the organizations follow this policy to prevent their sensitive information from intruders. These policies do not seem to be good because they have to look over their employees shoulders as they are not trusted. The organizations need to specify what their goals for scanning are. It they want to scan for the viruses, it has to be mentioned in the scanning policy. If the organizations is scanning for the content, it has to be clearly mentioned in the policy. The organization should also make the list of item being scanned available.
Limiting the Size of Email
Email services have made it possible for users to send fancy messages to others and allowing them to transfer large amounts of data just by attaching files. These files can contain any kind of information. The usage of these file attachments has increased so much that many people are using to send important or private information through it.
Few organizations have found that their employees are using this method to send the documents to their colleagues instead of using the local network servers. For this reason few organizations have changed their policies by limiting the size of the files that can be transmitted. These policies rae known as email size restriction policy. But there are also few cases in which the employees need to communicate with with the customers by sending and receiving large messages. So in such cases the policies should be written in such a way that an employee would be given an exception if they are reviewed by the manager.
Use of Email for Confidential Communication
Email is similar to an electronic postcard. The information sent travels along multiple networks to reach the destination. With the increase in the traffic of networks there is a possibility for increase in the possibility that the message can be read by others. Moreover if the message reaches to a wrong person then the message is revealed unwillingly.
Once the message is sent it is not in our hands to control it until it reaches the appropriate place. So for this sake few organizations do not allow sensitive information to be included in the emails.
Encrypting Email for Confidentiality
This is an option through which data can be transmitted safely. The message should to be encrypted before sending it and this can be decrypted only by the authorized person. So this helps in preventing the privacy of data. The usage of encrypting technology cannot be taken easily because it involves many issues like managing the secret keys.
Malware Checking of Email
Today sending attachments containing malware in the email is the most common way the attackers prefer. Malware can be any application designed to harm your system. Malware can be in various forms like viruses, trojans and worms. Few protective measures that can be taken in order to protect our email are: 
Deleting emails that contain suspicious attachments like .exe file or .bat file.
Definitely scan all the files that use receive from others.
Scan your computers at regular intervals.
Disabling all the wireless interfaces like bluetooth as soon as using them will help by preventing attackers to introduce malicious file to the systems.
We should also be aware of the disguised files
Frequent backup of data can be helpful
Have a server side protection for emails
Usage of firewall is likely to secure your system by monitoring traffic in your system.
Sometimes just opening and reading an email may cause harm so to avoid that it is better to disable the automatic reading of mails option.
Defects in emails may sometimes allow malware into the system this can be avoided by having the email software updated.
Sample Email Security Policy and Procedure
Our organization uses a protector for email security conducts scanning of all the data and the attachments in the emails.
It has a control over the contents in the mails that enter and leave from the organizations network in order to ensure security to the sensitive data and block viruses and spamâ€™s.
The protector has the filtering capabilities to remove unwanted and malicious emails.
You should not have any expectations on the data stored in the device that has been given by the company has all the rights to view or read the data present on the device
All the information of the websites visited by the employees is stored in the server behind the firewall.
The information read from the email is stored in a server behind the firewall. Then after six months the data is moved to an offline server and removed from the online server. After that the data is maintained in the offline server for a time period depending on the requirements.
The organization may sometimes change its email scanning policy but the employees are informed about it prior to the change.