Remote/Home Use Of Email
Email use is no longer tied to the desktop and restricted to the office. A host of technologies now make it possible to create and receive messages whilst at another location or in transit between locations. These are all positive developments that have done much to increase the productivity of users; but at the same time it is important that the risks inherent in such flexibility are recognised and addressed. The institution should seek to ensure that same level of management control is extended to the active use of email where ever and how ever it is being used.
It is important that remote and/or home workers recognise that the emails they work with 'off campus' are subject to exactly the same policy framework as all other institutional emails. This should be communicated to any users affected as part of the terms and conditions of working remotely.
It will prove easier to retain a consistency of approach to email management, regardless of location, if staff email is configured on an IMAP rather than POP basis. Use of IMAP ensures that all messages contained within a user's email account are stored centrally on the institution's servers and are only retrieved when required. A POP-based email service downloads messages for storage on the individual user's machine resulting in a range of potential management problems as indicated in the table below:
Table outlining the management problems associated with POP-based email provision
| Issue | Implications |
| Information loss | Unless copies are also being retained on the server any fault or theft of hardware could result in valuable information being irretrievably lost |
| Information security | Loss or theft of hardware could result in sensitive or confidential information falling into the hands of 3rd parties. There are countless examples of laptops containing such information being stolen from cars, hotel rooms, conferences etc. |
| Legal discovery | Emails stored locally may not be located or accessible if required as part of a legal discovery exercise or request for information |
| Inconsistent retention | Emails stored locally are less likely to be retained or destroyed according to pre-defined business rules |
| Gaps in the evidential record | Emails stored locally will not be accessible to others and important information may appear to be missing from the information associated with a particular process or transaction. |
| Preservation | Emails stored locally are less likely to be subject to any institution-wide preservation activity, thus increasing the chance of them becoming inaccessible over time |
Those using mobile devices such as Blackberries should ensure that access to the device is password controlled. They should also be encouraged to resist the temptation to adopt a 'text language' approach to creating emails on such devices. Abbreviations and use of slang are open to mis-interpretation and are not appropriate for what may form part of an official business record.
