Here’s a great article by Brian O’Connell of CPA Site Solutions on how to deal with email security difficulties. The context of the article is from the perspective of the accounting industry, but I’d say it’s an extremely universal topic that actually impacts almost every kind of company today.
The premise of the article is that email is generally accepted as a dependable way to communicate and share files…. And then he points out that in reality, email isn’t very safe. Sound familiar? - And for you encrypted email lovers out there (you know who you are), I'd like to quickly mention that while encryption can make it harder to open an email or attachment, it does nothing to prevent it from being intercepted.
Brian draws a very important difference between “security” and “privacy” that I want to highlight.
"Privacy is the shield that protects a person’s identity while actively sharing information via the web.
Where privacy is about keeping the door locked, security is about the lock itself.
Security is the actual online authentication and authorization protocols that networks use to protect information and the audit system used to verify the overall system’s effectiveness."
While I agree that the distinction is important, I’d also like to point out that an organization must protect both the security and privacy of confidential information in order to comply with the growing number of data protection laws and compliance mandates. I wouldn’t worry too much about the distinctions, but instead focus on the need to have visibility and governance over all files, data and information that are being shared both within your company and also externally with business partners and customers.