Of all companies, you’d think HP would have some sort of control over this type of thing by now.  Although an itchy trigger finger sent HP earnings guidance out early, it was good enough news to pop the stock 3%.  According to the Financial Times, an employee accidentally leaked financial information "through an internal e-mail sent on Monday evening to a single outside party."

Two key takeaways:
1.  This is another example of a non-malicious action leading to an embarrassing corporate moment
2.  There are apparently no controls in place to stop what would have been easily identified by context alone and intercepted for return to the sender for confirmation

No this is not a post on Thomas Paine’s masterpiece from the Revolutionary War, but commentary on one of the responses to my comment yesterday on the Fortune mag blog The Browser.  I offered up my opinion (in a mildly sarcastic way) that we need a Miranda Warning for email and another commenter pointed out that we have something for this already – common sense.

I couldn’t agree more…people just fail to use it.

I have covered the people-side of the email risk equation in posts about a Miranda Warning for Email and a recent Seattle Times article about thinking before you send. Even today via Fortune there is a story on how E-mail may be hazardous to your career.

To illustrate what I mean by self-review, I am attaching what our SenderConfirm product provides the sender of an email when a policy is triggered. It functions like spell-check – if an email triggers on a pre-defined set of rules, the message is held and the sender engaged to help clarify.

Call it a moment of reflection.

Yes, this is a pretty shameless plug for a MessageGate product, but it was designed based on what the market told us and the workplace realities of email dependence.

There is no one technology solution that will magically change end-user habits overnight, but an approach like SenderConfirm gets at the root cause of the problem (people’s actions) and incorporates business realities like the lack of interest in setting up an invasive/expensive monitoring infrastructure and/or disrupting the flow of email traffic.

Trust the employee to do the right thing. One thing we have seen over and over is that 99%+ of “breaches” are not the result of malicious intent…just people trying to get their jobs done and not focusing on usage rules or information safeguard policies.

Article in today’s Seattle Times by Marc Ramirez about email use and the implications of not thinking about what you are sending. Reinforces several of the same things from my earlier Miranda Warning for Email post.

It also profiles a new book by David Shipley of the NY Times and Will Schwalbe of Hyperion Books – Send: The Essential Guide to Email for Office and Home. Not sure if it is worth a purchase as Marc compared it to trying to make “a bottle of wine with a few choice grapes” so not the highest of praise for sure.

Good article on the recurring theme of email being both huge source of risk and essential business tool.

Got a kick out of this – declared by Fred Wilson of Union Square Ventures and followed by Jeff Nolan there is a way to get out from under the mountain of email piling up in your Inbox and the demands it places on you – declare email bankruptcy.

Whether this is closer to liquidation or reorganization remains to be seen but certainly is a great way to surrender from the juggernaut that is our Inbox. Especially true if, like me, you have been out of the office for a few days and have been on a Blackberry alone.  Wired did a piece on this a while back and instructs you how to engage with your "correspondence creditors."

Looks like Fred is going with liquidation while Jeff is going to reorganization by opting with voice-only communication going forward.

I always tell people that I read every email I receive, I just don’t reply to them all – and that is proving more and more difficult but I think I can stave off email bankruptcy in the near term although I am on shaky ground.

In a recent conversation with a CISO, he was lamenting the amount of time he spends on incidents and events related to employee-generated email.

He certainly believes what we have seen at MessageGate which is that most unauthorized usage is not malicious but that there is certainly a lack of awareness about the implications of hitting the send button and creating a corporate record.

The conversation evolved and he remarked “you know what we need? A Miranda Warning for email. Something to let people know that anything they put in email these days may come back to them to explain, defend, or justify.”

That it has come to this or that email has become both our best friend and worst enemy is telling. At some point, the hassles of email will outweigh the benefits but we are still a long way from finding a better way to communicate and share in the workplace. In fact, one of our customers actually performed an analysis on the cost of an email vs. the cost of a phone call.  Email won…hands down.  The challenge is to get people to stop and think about what they are typing (or thumbing) before sending it along.  There are certainly a variety of ways to drive awareness from training seminars to a product like our SenderConfirm offering.

One company chooses to send email awareness emails – the irony in that speaks for itself.

Bad boys bad boys
Watcha gonna do, whatcha gonna do
when they come for you

Great post by Jeff Nolan on MS Outlook and the difference between what software is built for vs. what it ends up being used for (a great product management lesson and part of the natural evolution of new products).

Big surprise to everyone – people use their email for file storage!

It is certainly not what the application was designed to do, but it is how it is used and an entire generation of workers has this ingrained in their thinking.

We see pretty consistently that over 50% of the volume (size, MB/GB) of corporate email is due to MS Office attachments. Is Sharepoint or any of a number of other collaboration servers a more efficient way to share documents and work together? Yes. Will the world use email only for the pure purpose of communication? Nope.

Email has grown organically both in usage and infrastructure over a relatively short period of time (I got my first external email address at Andersen in the mid-90s) and it is now the de facto workflow, collaboration, file sharing, document management, [insert other category of enterprise software] out there.

I have followed Jeff’s blog for some time and first met him when SAP was an investor in one of my first start-up experiences.

Not that this question ranks up there with the greatest of all time, but it did come up recently in a conversation and thought it was worth sharing.

Regardless of whether technically you could lose one and not the other is not the issue here rather which do you put more value on?  If your inbox was taken away, would your world come to a halt?

I suppose this is dependent on what you do and how you manage your information.  If you are like most people, your email is your central file repository, contact manager, and #1 business application used during the day. Here’s how I see it:

   1. Inbox – information sent to you and/or many others

    * No control over who sends you what (other than spam/virus filters)
    * Some control upon receipt by automated or manual folders (managed folders approach)
    * Includes informational or no action types of messages where you are one of many, a distribution list member, or CC/BCC
    * Receiving something (i.e., successful delivery) is not the same as accepting it, agreeing with it, or implying you will act on it
    * Greater propensity to reply to an important messages thereby putting a copy of it in the Sent Folder

   2. Sent Folder – information you share with identified recipients

    * You send fewer emails than you receive and this requires deliberate action
    * Creates a personal audit trail to “prove” that you did something and when
    * Contains your original or modified work product (including ability to find the most recent one)
    * Identifies your most important contacts or at least those that you interact with more frequently

For me, I would choose the Inbox to live without. Maybe this is a function of how I work and spend my day – right or wrong. Whether you could live without both is another post.