July 29, 2008

Carl Frappaolo, AIIM InternationalE-mail has grown to immense proportions in virtually every vertical industry as a means to communicate and share content both within and outside the firewall -- banks are not unique in this regard. The challenge laid before today's organizations is to develop and document a policy regarding the use of e-mail. The policy should then be enforced through the use of a host of content security technologies.

Fraud can be perpetrated in many ways. Each organization needs to determine the specific type of fraud it wishes to protect against. Then targeted use of technologies -- such as spam filters, Public Key Infrastructure (PKI) authentication, policy-based content encryption and data loss/leak prevention solutions -- can be deployed to minimize or avoid fraud through e-mail.

It is also important to realize, however, that education and best practices are still a must-have. Users of e-mail need to be vigilant of potential fraud and not respond to e-mails that do not follow bank policy. Here, spam filters can definitely provide assistance by cutting down on the amount of incoming junk mail. Organizations should also determine if e-mail is being abused (i.e., used for functionality it was not designed to effectively deliver) and strategically replace certain abuses with workflow, wiki and blog technologies.