In message <[log in to unmask]>, at 07:48:29 on Thu, 7
Jun 2007, Nigel Roberts <[log in to unmask]> writes
>> The ISP staff are quite likely to use that same "personal" email
>>address when logged in at home - which is a little more complicated
>>to arrange (and would the employer in your story be prepared to
>>facilitate that). The alternative is employees having three email
>>addresses (home, work and work personal).
>
>Again, as something like an ISP, this is something which we are happy
>to support. It's pretty easy, anyway, after all it's merely a POP3
>email box, and you set all clients except one to leave mail on server.
That won't work because the client that *isn't* "leaving on server" will
rob the emails from the other clients whenever it's active. There are
solutions, but we are getting too off-topic for this list.
>IMAP is equally usable.
But most IMAP clients are unusable :(
>> Maybe it would be simpler to suggest the employees get a webmail
>>account for the private email (and whatever address they like), and
>>allow them to access that from work quite separately from their work
>>email - at which point the employer's email systems don't have to be
>>involved at all.
>
>We prohibit this for security reasons. Webmail systems are inherently
>insecure as you can't (self-evident) turn off HTML email formatting.
>HTML email allows web bugs, malware and all sorts of DP as well as
>security issues, particularly for Windows usersn (we are moving,
>slowly, away from Windows)!
If the employer (with or without a vigorous risk audit) allows html
emails at all, then I would have thought most famous-name webmail would
also have better built in spam and virus filtering than the employer is
likely to be able to afford. Otherwise, yes, abide by the policy.
What are the Data Protection issues (given that it's only the employee's
private correspondence that's involved here)?
--
Roland Perry
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|