E-mail, instant messaging and other communication tools are extremely easy to use and they allow communication with at least a couple of billion people around the world. However, that ease of use and ubiquity represents a significant Achilles Heel for organizations of all sizes: data can easily be sent to the wrong party, employees can accidentally send all sorts of confidential data to competitors and others; and users can be tricked into sending information to people they shouldn't.
PortAuthority Technologies recently generated some statistics from its research into how data is being leaked through communications tools. It has found that HTTP is the leading avenue for data leakage, representing 37% of the problem in its most recent research. E-mail is next at 17%, while instant messaging and Webmail represent fairly minor avenues for leakage, at least for now, at 1% and 4%, respectively. Further, PortAuthority has found that customer data represents that vast majority of the data that is being leaked to unauthorized parties, followed by confidential information and Protected Health Information (PHI).
The last type of data leakage, while not a major issue for most companies, is of critical importance in the healthcare field. One of PortAuthority's customers with whom I spoke, Kuakini Health, uses PortAuthority's technology to prevent data breaches that would be in violation of the Health Insurance Portability and Accountability Act (HIPAA). HIPAA violations carry with them potentially enormous consequences and must be dealt with in a serious way.
The lesson for all companies, however, is very clear, particularly as unified messaging systems integrate various types of communication into a single repository. Organizations of all sizes must implement systems to prevent the inadvertent and intentional data breaches that can so easily occur in e-mail.
For example, like many, I have received e-mails and faxes that were intended for others - e.g., a purchase order sent to me by a vendor that was intended for another company. Systems need to be in place to prevent that kind of thing from happening.