Page 1 of 1

E-Mail policy for church leadership

Posted: Tue Apr 01, 2008 8:00 pm
by kalebpederson
Is there a general e-mail policy for church leaders?

I know that in this thread it's mentioned that name, address, phone and e-mail is considered sensitive data. However, many people view e-mail as secure and are willing to send e-mails containing this information to other church leaders.

I might venture a guess that two leaders who have ldsmail e-mail accounts could both log on and send information back and forth securely, as long as they don't have POP or IMAP setup (without TLS or some other encryption mechanism). However, is this acceptable? What about ldsces e-mail accounts?

I would really like to have something stronger than, "I really don't recommend this!", even if it's simply do not do this until a policy has been established.

Thanks.

--kpederson

Posted: Thu Apr 03, 2008 10:15 pm
by JamesAnderson

e-mail and other transmission methods...

Posted: Tue Apr 08, 2008 7:17 pm
by kalebpederson


Yes, that's very useful as it clarifies the policy.

I do, however, completely disagree with the statement at the end:

"
Security Risks with Internet E-mail
E-mail is just as secure as postal mail in the USA and is substantially more secure than postal mail in developing countries. This is not to say that either e-mail or postal mail is totally secure.
"

Having been hired to configure, re-configure, analyze, or otherwise secure e-mail servers, etc., I know that at many ISPs this is far from the case :(.

--kpederson

Posted: Wed Apr 09, 2008 6:19 am
by WelchTC
kpederson wrote:Yes, that's very useful as it clarifies the policy.

I do, however, completely disagree with the statement at the end:

"
Security Risks with Internet E-mail
E-mail is just as secure as postal mail in the USA and is substantially more secure than postal mail in developing countries. This is not to say that either e-mail or postal mail is totally secure.
"

Having been hired to configure, re-configure, analyze, or otherwise secure e-mail servers, etc., I know that at many ISPs this is far from the case :(.

--kpederson


Noted. Thanks for the information. As with all forms of communication, we should be extra cautious and careful when dealing with sensitive and confidential information.

Tom