Browse Definitions :
Definition

corporate email policy

A corporate email policy is a management document that formally outlines how employees can use electronic communication tools. The policy sets guidelines for what is deemed acceptable use and unacceptable use.

A company should have a corporate email policy in place to warn and guide employees against email threats such as phishing attacks. The policy may place limits on what types of files employees are able to open, download or exchange with others. The policy should outline what to do if an employee receives an offensive email, to protect against legal liability.

A corporate email policy may also include language covering personal usage of corporate communications systems, stating whether personal emails are accepted, if there are certain times of day during which personal emails can be sent, and if personal emails should be saved to a separate folder. Detailed guidance about prohibited content and the treatment of confidential data should also be included. Compliance and email retention may also be addressed.

Software tools are available that monitor and report on email content that may violate established policies. To enforce the guidelines outlined in the policy, a company should perform regular training that outlines email best practices and reinforces the consequences of email misconduct.

This was last updated in January 2016

Continue Reading About corporate email policy

SearchCompliance
  • OPSEC (operations security)

    OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines ...

  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

SearchSecurity
  • threat modeling

    Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and ...

  • social engineering

    Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into ...

  • distributed denial-of-service (DDoS) attack

    A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a ...

SearchHealthIT
SearchDisasterRecovery
  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

SearchStorage
  • race condition

    A race condition is an undesirable situation that occurs when a device or system attempts to perform two or more operations at ...

  • storage security

    Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted ...

  • cloud storage

    Cloud storage is a service model in which data is transmitted and stored on remote storage systems, where it is maintained, ...

Close