authentication requirement.
Internal Complications
But while the gateways are complicated, there are even more complexities of business email that exist completely inside the gateway, none of which are issues for consumer email.
• Security. Most computer security failures come from within the organization, most often because an employee has unwittingly allowed malware to infect their machine. This can happen even with the most secure gateway in the world, as users can be tricked into downloading the malware, most often via the web or a USB storage device. Once a machine is compromised, it can easily be used to subvert all communication-related security. While consumer email can also be compromised, the consumer depends on a service provider to deal with the problem, while a business needs to worry about it for its internal network.
• Privacy. Even though all corporate email typically belongs to the corporation, it is generally considered important to segregate the mail for each user, so that they can’t all read email to Human Resources or the CEO. This requires a certain amount of effort for account maintenance and administration.
Subtleties of Privacy
Compared to individuals, business email users have — or should have — a much more complex set of expectations regarding privacy. To begin with, the business typically owns the employees’ mail, and warns the employees that their email might be read under certain circumstances. In addition, the degree of privacy is liable to vary with regard to internal and external users, and internally by role and organizational level.
Legal and Regulatory Issues
Finally, most businesses operate under legal and regulatory constraints that are simply not relevant to consumers.
• Archiving. There is often a strong and highly specific business need for archiving. Some businesses want to keep all their information forever, while others want guarantees that it is completely purged after a certain amount of time. Both of these are tricky to do right; keeping information forever requires disaster-proof practices, while complete purging has to account for such pitfalls as backup tapes.
• Compliance. In many industries, legal or regulatory requirements place substantial burdens on corporate communication. Beyond archiving, which is often mandated, there are usually regulations regarding the handling of sensitive information, such as HIPAA in the United States. For an organization that is not in the communication or compliance business, it can be hard to know what regulations apply, let alone to comply with them all.
In short, business communication is vastly more complex than personal communication. Accordingly, while most individuals have long since outsourced their email to a large provider on the web, most businesses have kept it in house, because those providers simply don’t do everything that is necessary for business. That, however, is changing with the maturation of cloud computing.
