January 31, 1994

Careful thought needs to go into unit policies

System administrators and computing service managers need to answer these questions for faculty and staff in their units:

  • Is undeliverable mail discarded, examined for delivery clues, or automatically returned to sender?

  • Is message content stripped from rejected or undeliverable mail?

  • Are messages stored in clear text or encrypted while waiting to be delivered? How are they stored after delivery?

  • What effect does file system backup have? Is e-mail backed up? How long are backups retained? How often are backups made?

  • Where is mail stored while waiting to be delivered and after delivery? How secure is that location?

  • When I delete a message is it gone?

  • Does the system make a copy of rejections? With text or without?

  • If I go off campus, how long is my mail held for me? Are there limits on how much mail I can receive, store, have waiting?

  • How long will my machine try to deliver outgoing mail before returning it as undeliverable?

  • Is there a way my mail can be absolutely private?

  • Should I send sensitive documents by e-mail?

  • Can I encrypt mail?

  • What kind of security features are available to me now? What is planned for the future, and when will that become available?

    Recommended actions

  • Use encryption software packages.

  • Install a filter to keep text from view of postmasters or others.

  • Require postmasters and others to adjust windows on their screens in order to exclude text.

  • Train and expect those with special access privileges to “attention out” before the text of a message scrolls by.

  • Set a standard of asking the user’s permission prior to looking at text.

  • Train and expect those with special access to use special self-restraint or to ignore the content of any private message or file.

    • Tags:

    Leave a comment

    Commenting is closed for this article. Please read our comment guidelines for more information.