HP was forced to disclose its second quarter forecast before the scheduled official announcement date due to one of those unfortunate email address slip-ups. An email containing the latest financial results was accidentally sent to an unintended external recipient.

I am sure that many of us can sympathize with the employee’s mistake. The common use of multiple address books containing internal and external addresses often mixed with personal contacts in combination with the oh-so-handy recipient type-ahead feature of contemporary email clients make it very easy to send a message to the wrong address.

Thankfully, in this particular case other than embarrassment no real harm was done, since the leaked information contained all but good news for HP. Just imagine if the message contained proprietary engineering specs, customer or employee data, strategic marketing plans, … The list goes on, you fill in the blanks.

This raises the issue of good email practices and enforced policies that would help to avoid such situations.

Here are a few examples of how to prevent this:

• Do not send confidential information via email, use a secure document sharing system instead.
• If email is used, make sure to protect the message and/or attachments through encryption and possibly Digital Rights Management (DRM).
• Implement an outbound content inspection and traffic monitoring solution that enables flexible use policies and workflow.

Technorati Tags: HP email leak, email policy, outbound content inspection

If you are new here, you may want to subscribe to my RSS feed. An RSS Subscription will deliver new Blog posts automatically to your computer.
Thanks for visiting!