Documente Academic
Documente Profesional
Documente Cultură
com/features/99-email-security-tips-112006/
Stay Current
Features
Hacking Email: 99 Email Security and Productivity Tips
Everyday, and some not everyday tips, on how you can keep your email safe and secure.
719
diggs
digg it
When people read out a phone number, they use "phone rhythm." No one has to explain "phone
rhythm," we all just seem to do it automatically, "…713...555...12…34". Similarly, when we
answer a phone call we all say, "Hello." No one taught us to do that, but somehow we all
seemed to pick it up.
So why is it that when it comes to emails, there are no accepted standards? Even though 6
billion emails are sent every day, almost no one agrees about simple things like email etiquette,
how to organize a note, or whether emails are considered private or not.
The 99 tips in this article make up the best in email practices. From how to ethically use the
‘BCC:' to what attachments will make your mobile emailing compatible with everyone else's, this
list covers everything you need to know about emailing.
Etiquette
We're all guilty of bad manners once in a while, but when it comes to emailing, some
people are downright clueless.
1.
Don't send private messages with the company account. If you want to send
personal messages from work (and you should probably try to minimize this), use a
freebie account like Hotmail, Gmail, Yahoo!, or Excite, if your office permits it. The
content of your emails is less visible to employers through these accounts, so the
private messages you send will stay private.
2.
Use BCC if necessary. If you must send a group email to people who do not know
each other, don't add their addresses to the form's CC field; this is one method
spammers use to harvest email addresses. Instead, use BCC (Blind Carbon Copy)
for their addresses, and put your own email in the form's "to" field.
3.
Don't send form letters. Its impolite to send form letters, especially to your friends
and colleagues unless they are all part of a group that is expecting them.
4.
Don't forward chain letters. Just don't do it. Enough said. That includes the email
that says that if you don't forward it to 10 people you'll die. I don't care how
superstitious you are, don't send them.
5.
Be professional. Ensure your work emails don't contain 'u', 'afk', 'ty', 'jk' and/or
several million other texting/chatroom acronyms. These developed because cell
phones' keypads aren't well-suited to writing fully-formed words, sentences and
paragraphs. In business communications, however, they may give the impression of
childishness and illiteracy.
6.
Be professional, part 2: Check tone. Be aware of the professional (or not)
relationship between yourself and the recipient before starting an email. Use that to
gauge what topics are appropriate to write or not, as well as the tone of your writing.
This may be common sense to most, but you’d be surprised at how often the rule is
ignored.
7.
Be careful. Email is not private; it can be intercepted anywhere en route to its
recipient. In addition, it can live on for years in recipient email boxes, later to return to
its sender in choice quotations. Think before sending email you will later regret.
8.
Cut down on sigs. Signature files, especially in business, should contain as few
lines as possible. Four lines is a figure generally agreed-upon. Email that consists
of a two-line statement and a ten-line signature will have its recipients rolling their
eyes.
9.
May I quote you? When you respond to an email, the original email is quoted. Cut
the most relevant sentence from the message to which you are responding, preface it
with a '>' (if it's not already there) and paste the quote above your response. Delete
the rest of the original email from your response, unless you are responding to other
points in the original.
10.
Don't use email when you are angry. This is a tip from Joan Tunsall's Better, Faster
Email (non-affiliate Amazon link). While most of the time email does not convey your
emotions, particularly humor, it somehow seems to transmit anger - even when you
don’t intend it to come through..
11.
Get clarification. If someone sends you an email that upsets you, make sure you
haven't misunderstood. As mentioned previously, emotion and tone do not always
carry over well in email. Instead of responding angrily, in your response, quote the
portion of text that you are unsure of and ask the sender to clarify. Indicate what you
think it means, if you like, then ask if you've misunderstood.
12.
Don't spam friends. Occasionally, company mail servers go on the fritz and send
forty-five copies of the same email to the recipient (personal experience). Even if it's
not your fault, it is polite to apologize profusely to your friend, family, or roommate.
13.
Consider the quirks of other email systems. For example, say that you have a
friend with a Hotmail account and want to send a list of hyperlinks. Hotmail doesn't
handle hyperlinks inside of an email very well. For example, you cannot easily copy
the actual URL, without a bit of effort. So anyone used to tabbed browsing, such as
with all recent web browsers (including, finally, IE7.x), may find it frustrating trying to
open a link in a new tab or window. It's hard to know about all types of email
systems, but some awareness reduces frustrating situations for recipients.
14.
Respond to group email appropriately. If someone has sent a group email that
requires a response, but only to the sender or a couple of parties, don't copy everyone
1 of 7 12/3/2006 7:18 PM
Hacking Email: 99 Email Security and Productivity Tips http://www.itsecurity.com/features/99-email-security-tips-112006/
on your reply.
15.
Don't respond to every group email. More specifically, it is alright to sit out a thread
of group conversation if you are not being addressed directly. However, read the
emails carefully to make sure that you are not being expected to respond.
16.
Respect email laws and regulations. Some countries have very specific rules about
bulk emailing. If you use email to promote your business, you need to know the laws
for not only your country but probably wherever you are emailing to. It's a tall order,
given the global village of the Internet, but its importance cannot be overstated.
Mobile Email
27.
Know your limitations. Mobile email is best for very dexterous people. It isn't always
the most productive way to communicate for everyone. Reading emails via mobile is
fine, but if you don't have the thumb dexterity to use the keypad to respond, save your
thumb the pain and just handle your emails on a computer.
28.
Use voice-to-text. There are mobile applications out there that will convert your
spoken word to text, which you can then use for mobile email responses. Because
this technology is just starting to go mainstream, if you want it you are going to have
to shop for phones specifically with voice-to-text capability.
29.
Duplication of email, or lack thereof. If you plan to access email from both a mobile
device and a computer, keep in mind that some email servers and client software
download each email to the device you are using, and delete it from the server. This
could be hazardous to your career, if you access with a mobile device, read it, and
then delete it with the intent of responding from a computer later. So make sure that
you know how your client handles the mobile/computer divide.
30.
Be exclusive. It's best to set up a separate email account for your mobile devices. If
you plan to be away from a laptop or desktop for an extended period, you can redirect
your regular email, with full filters on. Use this email account only for your mobile
device. By having to separate accounts you can make sure to send all your
subscriptions and other large regular emails to your main account. You can also sign
up for new products with the computer account to make sure you won't get
spammed, before you have those emails come to your mobile account.
31.
Don't send email attachments to mobile devices. If you know that a colleague will
be using their mobile device to check email for an extended period of time, avoid
sending him or her attachments. Send a snippet of text instead, if possible, or a URL
where they can download when they have access to a laptop or desktop.
32.
Use mobile email sparingly. Cellular wireless data plans often have a monthly
bandwidth cap. Sending attachments (or receiving them) can be hazardous to your
wallet. Some mobile email services function by letting you see that you have
attachments, but others will automatically download. So for the sake of you and your
colleagues wallets save the attachments for later.
2 of 7 12/3/2006 7:18 PM
Hacking Email: 99 Email Security and Productivity Tips http://www.itsecurity.com/features/99-email-security-tips-112006/
Email Attachments
The ability to attach documents has revolutionized the way in which we do business.
Despite its benefits, however, attachments are one of the least standardized parts of
emailing.
51.
Keep attachments small. If you are sending a large attachement to someone,
whether they have a free email or not, they probably have an inbox size limit. Stay in
good favor with them by only send attachments of no larger than, say, 30-40
Kilobytes, unless they've requested it of you. That means that many videos and large
pictures should be uploaded to the web instead of attached to an email.
52.
Don't forward attachments. Except in a work environment where it might be
expected, check with your intended recipient before sending attachments. If it is a
large file, consider that sending it may block their account from receiving additional
email because they exceeded their disk space quota. Attachments also take up
company resources and eat up bandwidth unnecessarily. For example, if you send a
PDF file to a group of, say, 10 co-workers, the mail server sends 10 copies of the
same file and uses up 10x the space.
53.
Include an excerpt. If it's sufficient/ appropriate, include an excerpt of the document
(instead of attaching it) in the body of your email.
54.
Send a link instead. You are better off sending a link to something, if the material is
already online, or you can easily put it up on a secure site.
55.
Share a file. If the file is not online, and if you have the right to put it there (i.e., no
3 of 7 12/3/2006 7:18 PM
Hacking Email: 99 Email Security and Productivity Tips http://www.itsecurity.com/features/99-email-security-tips-112006/
copyright issues, not company-sensitive material), then use a filesharing service such
as AllPeers, which lets you define who is in your buddy list. No one else can access
the document. There are also several online spreadsheet and word processor apps
these days. See Google Docs and Spreadsheets or Zoho. Both are compatible with
"Office" applications like Microsoft Office and Open Office, and let you share
documents. Once you've set a Google Doc or Zoho document to "share", you can
send colleagues a link.
56.
Share a file, part 2. If using file-sharing services or web-based office apps to share a
file is against company policy, try this. Most larger companies will have an Intranet
site, possibly with employee web pages. You may be able to upload your file to your
employee website. Just share the link in email. If your computers are part of the
same company network, you probably already know this, but there is usually a
common repository, possibly organized by project. If you and your colleague both
have the same network permissions, upload your file to the project area and email
them the directory path.
57.
Share a file, part 3. One alternative that works nicely, provided it is not against
company policy, is to use the file-sharing feature of a VoIP (Voice over Internet
Protocol) or VoIM (Voice over Instant Messaging) client, such as Skype or Windows
Live/ MSN Messenger. If you are in a large company, you might be using a more
corporate solution such as Lotus Notes, which, if memory serves, has its own
Messenger.
58.
Use Text/ RTF format instead of DOC files. Microsoft's Word files (.doc format) are
susceptible to some macro viruses. If you must send a document and cannot use one
of the options above, copy your document to RTF (Rich Text Format) first, then email
that as an attachment. Even if you don't have a virus on your computer, your
colleague may. If they receive an RTF file, then there is less chance they will respond
with a DOC file. (MS Word let's you work with RTF files as you would a DOC file.) It is
also okay to send .txt (raw text), .pdf, and image files. Bad to send: any .EXE or other
executable file. Possibly bad: .doc or .xls (Microsoft Excel spreadsheet) files.
59.
Consider using OpenOffice XML format. Open Office, a free open source
alternative to Microsoft Office, uses XML (PDF, 571 pgs, 1.5 Mb) text files, so they
are okay to send as well. (Text files cannot harbor viruses.) Open office lets you
create word processor documents, spreadsheets, presentations (similar to MS
Powerpoint), and drawings. It can read MS Office files, and can also output its XML
files to the appropriate MS Office format.
60.
Defer opening attachments. Don't rush to open an attachment just because it
appears to have come from someone you know. If you receive an attachment that you
are not expecting, don't open it. At least, first read the email and make sure that the
attachment is most likely legitimate. If you're still not sure, call/ VoIP/ email/ or IM the
sender to be sure. If the sender's computer has a virus, it may be attaching trojans to
all outgoing emails from them.
61.
Know what not to open. Opening spam can direct floods of it to your inbox,
multiplying the time you're chained to email by an order of magnitude. Beacons
embedded in spam - typically clear, one-pixel .GIFs sent from a machine controlled
by the spammer - advertise that you opened the email... and thus your address is
both valid and responsive. Let someone else do the work. Weeding out spam is
unpleasant, time-consuming and not unlike tip-toeing through a minefield. It's several
million times worse for ISPs, the more reputable of whom employ industrial-grade
filters that prevent the bulk of it from hitting their customers' inboxes. Doing some
legwork to determine which ISP filters the most before it hits you will ultimately save
you hours of grief.
System-Specific Mail
Here are some tips for some of the various email readers, including Yahoo, Hotmail,
Google Gmail, and Outlook. (Some Gmail tips are covered in the previous section.)
67.
Get Google Gmail. Google Mail, aka Gmail, is a relatively new contender in the email
reader market, free or otherwise. The problem is, you either have to be invited or use
your mobile phone, with text messaging capability, to sign up, if you live in a select
country (Australia, Indonesia, Malaysia, New Zealand, Philippines, Singapore,
4 of 7 12/3/2006 7:18 PM
Hacking Email: 99 Email Security and Productivity Tips http://www.itsecurity.com/features/99-email-security-tips-112006/
Thailand, Turkey, United States). It's a strange list of countries, and the ones not
included are as much a surprise. But if you can manage to get a Gmail account, it's
worth it. It's an incredibly effective webmail system.
68.
Use Gmail formatting sparingly. Google Mail uses a very rich format for text, even if
you don't explicitly apply formatting. It's nice to look at, but if you are using Gmail and
sending to someone who is not, do not use any additional formatting.
69.
Visually track your Gmail conversations. Gmail has a nice little feature that makes
it easier to track a conversation thread visually. Beside each entry in your inbox, there
is a little "star" that when clicked on turns yellow. If you use your Gmail account for a
variety of incoming sources, the star can help you find a thread easily. When you are
done responding, you can turn off the star.
70.
Archive your Gmail conversations. Gmail makes archiving email threads extremely
simple. Other email systems let you keep folders as well. Gmail lets you attach
"labels" instead of moving items to folders. You can attach more than one label to
each email thread, thereby making it easier to find later. Labeled threads can stay in
the main inbox, or be "archived" to what amounts to a folder with the label name. If
someone that is part of the conversation thread responds after the email has been
archived, it resurfaces in the inbox with its label(s) intact, and can be re-archived if
desired. This nonlinear, "conversation object-oriented" treatment of the entire mailbox
in Gmail can be a more productive way to use email, if you are prepared for the
differences. It's a feature that is more common in standalone email clients, but
relatively new to web-based email readers.
71.
Utilize free Gmail disk space. Gmail offers over 2 Gigabytes of disk space for each
email account. If you are using the Firefox web browser, there is a neat little plugin
called Gmail Space that turns your Gmail account into a supplemental storage area
for files of any type and size. The interface is brilliant, easy to use, and looks a lot like
an FTP client. Once you sign up for a Gmail account, you to send out 15 invitations
for new accounts. Each invited account can invite 3 more people. While you don't
want to abuse it, you could probably use a few of those invites yourself. Just imagine:
2 accounts in your name gives over 5 gigabytes of free disk storage. This is great for
moving large files around between two computers that are not networked. There's no
limit to file size, but the Gmail Space notes say that you should try to avoid
transferring over 1 Gigabyte in the same day, else Google may block your account.
Also, it functions at present, but may not if Google changes Gmail in anyway.
72.
Gmail document conversion. Digital Inspiration has yet another Gmail tip, this one
for converting a variety of file formats into HTML automatically. It's so simple, you'll
be pleasantly surprised.
73.
Gmail MP3 player. This feature is pretty easy to discover, if someone sends you an
MP3 attachment, but Digital Inspiration explains how you can play MP3 files with the
Gmail player without logging into Gmail.
74.
Hotmail quirks. Hotmail has the quirk that if you click on a link inside of an email, a
new window pops up, regardless of the web browser you are using. Sure it's one of
the oldest webmail systems and sure there are millions of people using it, but power
email users should avoid it like the plague. With Gmail or even the new Yahoo beta
mail around, why bother with Hotmail?
75.
Outlook upgrades: call contacts. Microsoft Outlook has of late been getting "add
ons". There are several add-ons that integrate with your contact list to allow you to
call phone numbers from Outlook. For example, assuming you have Skype software
(free) running on your computer, the SkypeContact Dialer for Microsoft Outlook will
initiate a VoIP (Voice over Internet Protocol) call on Skype. Skype, if you don't already
know, is just one of many free software programs that let you actually make voice
calls from your computer to either another computer or even to landline phones. (You
can read more about VoIP at VoIPLowdown.com.)
76.
Outlook upgrades: RSS reader. The newest version of Outlook lets you subscribe to
RSS (Really Simple Syndication) "news feeds/ headlines". These are the same type
of "headlines" you see in Gmail or at a site like myYahoo.
77.
Yahoo mail beta: AJAXified. Yahoo! Mail has a new version that's just released that
uses AJAX and all kinds of web2.0-ish features that are supposed to enhance it. If
you do not like the workflow of Yahoo, try out their new "beta mail". It has multi-tabs,
to allow viewing of multiple emails simultaneously, and drag-and-drop of highlighted
emails into folders, fast deletion of blocks of consecutive email items, RSS feed
viewing, a calendar to manage tasks, and other features. If you don't like it, you can
switch back. At least for now.
5 of 7 12/3/2006 7:18 PM
Hacking Email: 99 Email Security and Productivity Tips http://www.itsecurity.com/features/99-email-security-tips-112006/
6 of 7 12/3/2006 7:18 PM
Hacking Email: 99 Email Security and Productivity Tips http://www.itsecurity.com/features/99-email-security-tips-112006/
If you would like to learn more about email security, visit the IT Security Email Resource
Center. For specific email security solutions, see the IT Security Email Security Comparison
Guide.
On December 7th at 4PM EST, IT Security and IronPort are presenting a webinar titled
"Beyond the Perimeter - Securing Email". This webinar features Stig Ravdal, CSO of Quiznos
Sub, and David Mayer, Product Manager of IronPort. If you would like to attend, click here.
7 of 7 12/3/2006 7:18 PM