by Paul Rubell
Yet another company has blocked its employees from accessing their personal email accounts. This time, it’s the Atlanta law firm King & Spalding.
Should employees be able to bypass their employer’s network and use their own email and social media accounts? This blogpost considers the legal and practical issues.
It is appropriate and prudent for employers to restrict or prohibit employees’ ability to access their personal email from their place of business. This especially applies to email accounts from insecure email services that are commonly hacked and are also used by many millions of users. These include Gmail, Hotmail, and Yahoo.
There are a number of reasons that support these kinds of restrictions.
For one, many publicly available and free email services and websites are notoriously insecure and capable of being hacked. They are also frequent targets of denial of service (DNS) attacks. When an employee accesses her email from the workplace, and if her email account has been breached, the employer’s internal network becomes immediately susceptible to vulnerability and compromised security.
In addition, every business needs to keep its confidential business information secure. But this applies on a more urgent basis to companies that are regulated, such as healthcare and financial services firms. In these cases, not only is there business exigency but also statutory and regulatory compliance that would be in peril, were security compromised.
Another reason why employer restrictions are prudent lies in the potential for inappropriate material to be disseminated throughout the workplace. This could put the employer and management at risk of discriminatory lawsuits and claims, as well as adverse publicity.
Still another basis for employer restriction is common sense business. If an employee is accessing her personal email on company time, the company is losing productivity.
What do you think?