South African businesses must look to secure their e-mail environments as developing an understanding and awareness of all the issues is the first step to securing and protecting electronic documentation.
These were the observations made by speakers during the 2010 Cyberlaw conference where Mimecast, an enterprise e-mail management company offering SaaS-based e-mail security, continuity, policy control and archiving, together with cyber law firm, van Gaalen Attorneys, co-presented on the risks and obligations of electronic documentation.
Kendal Watt, solutions specialist at Mimecast SA, noted that with more than 35 Acts of law in SA alone requiring organisations to retain records for certain periods of time or make certain information available to courts, it is critical for businesses to understand what is needed and have the right processes and technology in place.
He pointed out that the conference topic, 'e-Justice in the context of e-Government.' was relevant as highlighted by the recent news of a security breach at local company, MWeb.
“Hackers accessed information via the Internet Solutions self-service management system and published 2 000 customer usernames and passwords to the Web.
“This is a big breach of security and privacy of the users and it is not clear how this will damage the company or what sanctions may be brought against its directors. IT security is every c-level executives problem,” he said.
Speaking during the same function, law firm van Gaalen Attorneys noted that primary concern for directors is that the board of a company is the ultimate protector of all electronically stored information.
“While the IT administrator may have a role to play, the final responsibility sits with the board. Saying 'I didn't know' or 'I don't do IT' is not going to protect you from ending up in court, your share price or your reputation” van Galeen said.
Watt added that by understanding e-mail risks, such as data leaks and social engineering, and regulatory obligations, the business leaders and board of directors can implement the best technology and policies to ensure compliance.
Share
