You are here  IT Management Risk Management

Should we ban e-mail?

Thursday 09 May 2002 02:58
Volume and content are not the only problems created by the five billion e-mails in the system every day. Karl Cushing looks at the best way to manage it

Once universally hailed as the desktop killer application, e-mail is now seen as a double-edged sword in commercial circles. On the one hand, it is a highly useful communication tool which many organisations would be lost without; on the other, it opens the organisation to a potential security risk and legal liability and creates information overload causing stress and affecting employee productivity.

The amount of daily global e-mail traffic reached five billion last year and is predicted to rise to 35 billion by 2005, according to analyst Meta Group. Unless organisations take drastic action now to ensure that the benefits of using e-mail outweigh the disadvantages, their employees face being swamped in a sea of spam.

"E-mail abuse is endemic across the UK," says Steve Purdham, chief executive at Web and e-mail filtering software firm SurfControl. "We are behaving e-morally on a widespread basis." He points to the findings of a recent NOP survey on e-mail ethics, commissioned by SurfControl, in which 30% of the white-collar office workers polled admitted to sending racist, sexist, pornographic or discriminatory e-mails whilst at work.

"What is also of major concern is the fact that 80% of workers in the UK use e-mail as a tool to cover their backs and a third also prefer to hide behind e-mail than deal face to face or over the telephone to tackle a sensitive situation," Purdham says. "E-mail has become a very neat 'get out of jail card' in the workplace."

Another problem is that productivity is suffering. The survey shows that two-thirds of workers in the UK view non-work related e-mail as no different to smokers taking cigarette breaks.

And the list goes on. There are the bandwidth and storage issues. The threat posed by employees, either deliberately or inadvertently, sending confidential company information to third-party sources should not be under-estimated as it could damage the organisation's name, its brands and its share price. There are also serious legal issues, as any e-mail sent from work can be interpreted as representing the company and is legally binding. Non-work related e-mail usage also has an enormous security implication. According to a report by research firm Vanson Bourne, two out of three UK firms have suffered a virus attack.

Do you still think e-mail is a harmless communication tool?

There are a number of options and strategies available to help organisations manage e-mail more effectively, however. Whilst banning the use of e-mail outright will be highly impractical, if not impossible, for most organisations, some have taken the drastic approach of banning e-mail communication at certain times. Last year, food group Nestle Rowntree became the first company in the UK to introduce the idea of an "e-mail-free Friday" to boost employee interaction and promote verbal communication. And last summer national lottery operator Camelot had a four-week trial of not sending or receiving non-urgent e-mail on Fridays to improve staff relations and encourage other forms of communication.

Banning e-mail would be too high-handed an approach for the majority of organisations, however, and many will feel that e-mail is too important a form of communication to forgo. "You've got to laugh, haven't you," says David Roberts, chief executive of corporate IT user group The Infrastructure Forum. "Somebody must have suggested it with their tongue in their cheek."

Others are more forthright. "It's a load of crap," says Stuart Morrice, marketing director of e-mail security consultancy Peapod. "We work in a global economy. Of course we have to have e-mail." He admits that serious action is needed, however, arguing that e-mail abuse poses even more of a security threat than viruses.

Most organisations will be best served by a policy of managing, not barring, e-mail usage, although even here there are some that favour the iron fist over the kid glove. Recently automobile giant Ford went on the offensive, warning its 20,000 UK employees that they had just two weeks to remove all pornographic and other potentially offensive e-mails from their PCs. Any staff caught sending "unsuitable" material by e-mail or found with "offensive" material on their hard drives after this amnesty period were warned they risked the sack.

Such an approach is not without its hazards, however. "There's a whole spectrum of dangers out there," says Morrice, pointing to the risk of falling foul of legislation such as the Regulatory of Investigatory Powers, the Human Rights and the Data Protection Acts. He stresses that companies need to inform employees about their intentions as they could face legal action if they conduct unannounced, random spot-checks on employee e-mail and start using content management software covertly. Purdham agrees saying this approach will also undermine employee confidence in the organisation. "It is sacrosanct that no "stealth" monitoring tactics are used," he says. And, of course, a workable e-mail policy must have user acceptance of the guidelines.

Morrice also warns of the practical problem of finding offensive material, which is often "hidden" in spreadsheets and attachments.

But not everyone believes the problem is so large that it warrants such an approach. Roberts believes that the number of people abusing systems is fairly small and he doesn't see productivity as a big issue. "I wouldn't judge it as a tremendous threat," he says. "It's no different to people taking 14 coffee breaks a day. As long as they are fulfiling their obligation to the company, most companies wouldn't mind, although that would obviously stop if the e-mail contained anything illegal."

In terms of best practice, it's generally accepted that organisations should draft an acceptable e-mail use policy. Purdham stresses the importance of getting input and assistance from the HR department, having the policy reviewed by an employment law specialist and subsequently communicating the key tenets to employees in a clear, written document. Staff feedback is also imperative to ensure that the policy is workable and fair, he says.

Morrice emphasises the importance of addressing day-to-day business when drafting such a policy and setting up a policy steering group with representatives from both the HR and IT sides of the organisation, making sure it meets regularly to review the policy. He also recommends doing e-mail audits - a service which his company's consultants conduct in association with a barrister.

Roberts says enforcement is an essential part of the policy. "It has to be a policy with teeth," he says. "Passive strategies don't work. Without monitoring and validation a policy will become an empty threat." The policy should also be flexible. He stresses the importance of experimentation, encouraging feedback from users and adapting your strategy accordingly.

One key area to address is content. On top of the vast amount of spam doing the rounds at any given time, a large proportion of e-mails sent to organisations comprise personal e-mails, jokes, games and other non-work related e-mails. "About 55%-60% of the e-mail we look at [when conducting e-mail audits for companies] is non-business related, and that includes racist, sexist and defamatory content," says Morrice. Such e-mails can have a large cost to the organisation and can have a serious effect on employee productivity, so much so that Purdham calls them "productivity viruses".

The maxim that should be drummed into users is brevity before verbosity: circumlocution is akin to a sin in e-mail terms. Keep to the subject and make sure the subject of the e-mail is clearly flagged up. As well as taking up less storage space, this will save the recipient's time. Senders should re-read their message before hitting the send button to make sure the message is understandable, appropriate and doesn't contain material that could reflect badly on the organisation.

The use of attachments, especially photographs and animated graphics, can seriously affect network performance. "The strain that bandwidth-consuming e-mail attachments place on the network should not be under-estimated," says Purdham. He points out that a 5Mbyte attachment of a joke screensaver, for example, uses the equivalent bandwidth of 160 average-length text e-mails. Key tips here include:
  • Only send attachments if the information has been specifically requested
  • Don't attach information when you can type it in the main body of the e-mail
  • For large amounts of material use file compression software or send via an alternative method
  • Make sure the recipient has the application to open the attachment
  • For added security, attach Word documents in rich text format to remove any program scripts and macros.


Education and training are also vital components of any e-mail management strategy, although Purdham says they are grossly lacking in UK business. "There is still a long way to go in educating businesses and employees about what exactly constitutes acceptable e-mail use in the workplace," he says. E-mail gives the user a large degree of autonomy. Without training, users will develop bad habits and not buy-in to best practice.

It is important to issue acceptable use of e-mail policies to all new staff during their induction and hold workshops for existing employees to promote best practice. These guidelines should be posted on the intranet - if there is one - or a similarly visible location and backed up with an awareness campaign supported by both the HR and business teams.

The last cornerstone of a successful e-mail management policy is the use of content management software. This will help to screen e-mails for viruses, inappropriate content, spam-type e-mails and overly large attachments and will help guard against the leaking of company sensitive information.

The good news is that by taking the time to formulate an informal e-mail usage policy, underpinned by e-mail management technology and end-user buy-in, organisations can dramatically increase the effectiveness of what should be a highly efficient communication tool. As Roberts points out, e-mail is still a relatively new phenomenon and we're still learning how to use it to our best advantage. So don't despair. If you've lost that e-mail loving feeling, maybe it's time you went about getting it back - it's not too late.

What is an acceptable e-mail use policy?
 Steve Purdham, chief executive of SurfControl, recommends keeping the draft policy simple and free from legal language. The underlying principle you should communicate is that if you are not prepared to write your message on company letterhead, do not write it in an e-mail. It is a legal document and should be seen as such although all too often it is not.

Key points to include are:
  • E-mail content: for example, avoiding using e-mail for sensitive or emotional messages or offensive content
  • Spam: what to do when you receive nuisance e-mails
  • Which e-mails to open: how to recognise potentially dangerous e-mails and/or attachments
  • Company sensitive information: looking after important company data and information
  • Ethics of e-mail use: such as, using the "CC", "BCC" and "Reply to all" buttons as a political tool.


A free online guide to e-mail best practice is available at www.surfcontrol.com/resources.

Ten useful tips for better e-mail usage
  • Keep e-mails brief and use meaningful subject lines
  • Re-read messages before sending to check for clarity and to make sure they contain nothing that will embarrass the organisation or make it liable
  • Understand how to use - and don't mismanage - CC and BCC: only CC in people that really need to receive the e-mail
  • Never add an attachment unless it has been specifically requested and avoid sending them if you can include the text in the main body of the e-mail
  • Attach Word documents in rich text format to remove any program scripts and macros and make sure that the recipient has the application to open the attachment
  • Use file compression software for large attachments or send them using an alternative method
  • Archive effectively: use folders and only save relevant messages
  • Don't overuse the "Urgent" flag as it will lose its value
  • Never reply to spam
  • Use the e-mail program's junk filter, taking sure not to set the rules too high so that useful e-mail is lost.

So you think white-collar workers never send offensive material by e-mail?
 A national survey on e-mail ethics, published in March, revealed that 53% of employees in the UK's largest cities behave "e-morally" on e-mail while at work by sending messages containing racist, sexist, pornographic or discriminatory content and using e-mail to undermine colleagues. The survey looked at 800 white-collar workers - 100 each in Newcastle, London, Edinburgh, Cardiff, Birmingham, Manchester, Leeds and Liverpool.

Key Findings:
Nearly 30% of the respondents admitted to sending racist, sexist, pornographic and discriminatory e-mails at work:

City % offending
  • London 36%
  • Manchester 36%
  • Leeds 31%
  • Newcastle 28%
  • Edinburgh 28%
  • Birmingham 24%
  • Cardiff 20%
  • Liverpool 18%

Thirty-eight per cent of the respondents admitted to using e-mail as a political tool to create problems for colleagues by highlighting their mistakes and either copying or blind-copying the message to other recipients as well as using e-mail to tactically or politically further their own careers

City % offending
  • London 55%
  • Leeds 40%
  • Cardiff 39%
  • Newcastle 37%
  • Manchester 34%
  • Birmingham 34%
  • Edinburgh 32%
  • Liverpool 29%

A further third of employees said they preferred to hide behind e-mail rather than deal with a sensitive situation face-to-face or over the telephone.
An error occurred on this page.
An error occurred on this page.