We often talk to our customers and prospective customers about the various benefits of using classification, such as stopping the malicious insider, ensuring your sensitive information is secure, keeping internal information from inadvertently leaking, and many more.
But, what about the basics? What about the dreaded ‘reply all’?
Generally, we think about ‘reply all’ incidents as a source of embarrassment and potentially an information leak. But not every ‘reply all’ scenario impacts your reputation. I’m talking about the scenario of hitting reply all…and there are 840,000 colleagues on the distribution list. Uh oh…
That is exactly what happened recently at the National Healthcare Service (NHS) in England. An employee sent an email without realizing that they had accidently copied 840,000 of their fellow NHS coworkers. While unintended and embarrassing, this email itself was not a significant issue until many hundreds of the recipients decided to ‘reply all’ to complain about the email, creating more than 84 million more unwanted [spam] messages, clogging inboxes, and chocking the email system which swiftly…slowed…to a crawl…
Can this type of mistake really be prevented? You bet! With TITUS Classification Suite, your administrator can set up a very simple policy – and we have done so here at TITUS – whereby when you have included more than a specified number of recipients of your email, a warning pops up asking you if you really want to send the message to that many people. This warning provides the user with the opportunity to react with, “Oh my gosh, NO!” and go back into the message to clean up the recipient list, or ‘Send Anyway’ because the message really was meant to go to everyone.
A simple solution to what could be an organizational catastrophe…or perhaps just embarrassing. It also acts as a means to help modify user behavior. The biggest problem in this case was not the original email, but all the co-workers at the NHS who decided to ‘reply all’. Each policy warning that is triggered before the message is sent helps remind and educate users of appropriate and safe email practices so they don’t make mistakes in the future, even if they are working outside a security net like TITUS. A small shift in user attitude can result in powerful information protection in our rapid information sharing world, especially for organizations that handle sensitive health records and other personal information.
What is your organization doing to help prevent user error and the dreaded ‘reply all’?