Analyzing Email Messages
Essay by Marry • April 18, 2011 • Essay • 1,031 Words (5 Pages) • 2,317 Views
Introduction
The three e-mail messages I have selected to analyze are informational and related to best practice in security. These e-mail are referred to by security personnel as part of a Information Awareness Training plan. The e-mails are routinely send out to employees to remind them of their responsibility, the dos and don'ts of information security, what is currently happing in the world of securing information, and the ramifications of what can happen when information is lost or obtain by people who do not have a need to know. The emails analyzed for this assign for in loss of information.
Purpose
The purpose of the e-mails were to inform employees of what can happen when information is not correctly stored or sent to others without applying the proper security measures. One of the e-mails was related to wikileaks and how information was obtain, the second was related to when a e-mail needs to have additional security applied, and the last was can happen when a person assumes they are doing what is best and adversely bypasses procedures. Each of these describes lack of proper security and e-mails were sent to reinforce how information should be sent, internally or externally to the company.
Sender/Receiver
The sender was the primary information security officer for the company. The selection on what the e-mails should contain and who it would receive the e-mail was decided by a security team that is made of security professionals and management representatives. The group meets bi-monthly to discuss various security issues and concerns as well as determine what level of training or reminders should be given to the employees. Since the company is broken up in to several sections, the training is tailored to the particular section in order to increase the level of understanding and how security affects their day-to-day activities. In the case of the e-mail analyzed, even though the entire workforce received the e-mails, they were more focused on the section that deals with the government as they had the most impact to how they are required to communicate with the customer as well as with others within the company. Each message was crafted to included why the e-mail was being sent, how one should protect information and were to find the policies and guides on the various types of communication, and what could happen to the company and the individual if the policies were not followed.
Technology
The technology chosen to was e-mail with the options to track whether a individual actually read the e-mail or deleted without even reading it (we have a few people that like to delete e-mails without really reading them). In some cases, the e-mail was generated in hard copy for employees who do not have easy access to the corporate e-mail or the internal/private network e-mail systems. In addition the e-mail was signed using the PKI add-on to the mail system. The e-mail system we are using allows the signature to be verified to ensure that it came from the sender and that it has not been tampered with. For most e-mail tools or devices, this has worked and the company
...
...