Gartner Blog Network


Doctor, it hurts when I do this

by Jay Heiser  |  August 4, 2014  |  2 Comments

C: we are concerned about putting our email into the cloud.

J: why?

C: Somebody might look at it. 

J: Somebody can already look at it, even when you do host your email server in house.  SMTP is a data leakage protocol, that isn’t designed to secure your data, but is intended to disseminate it as widely as possible. Email has always broadly exposed your data across the Internet, with both deliberate and accidental addressing of sensitive messages resulting in a steady stream of undesirable data leakage.

C: So what do you suggest?

J: For a start, an enterprise-managed File Synch and Share service would be a much more controlled way to share sensitive data. If you truly have data that you are concerned about leaking, then you can protect it with anybody number of higher end data sharing services that will maintain end to end encryption, and even control cut/copy/print/save on the end point.

C: Oh, we wouldn’t want to do that. We couldn’t transition away from email to EFSS, and we certainly won’t pay extra for something secure.

J: So what do you want to do?

C: We want to keep doing what we’ve always done, but we want to pay less for it, and if there is a failure, we want to be able to blame someone else.

J: I don’t think anybody sells a service like that.

Category: cloud-computing  it-governance  risk-management  security  

Tags: email  email-security  

Jay Heiser
Research VP
6 years at Gartner
24 years IT industry

Jay Heiser is a research vice president specializing in the areas of SaaS and public cloud risk and control. Current research areas include SaaS governance, cloud provider transparency and digital business risks.Read Full Bio


Thoughts on Doctor, it hurts when I do this


  1. […] Source: Doctor, it hurts when I do this […]

  2. […] Doctor, it hurts when I do this [Gartner Blogs] […]



Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.