The answer is never, but individuals can often change back to personal email accounts. Large businesses have many risks involved with the availability of mobile email. These risks should be enough to hinder using personal email accounts for business purposes.
If, for example, an employer is out of the office and is required to work remotely, cloud computing should be available through the business email on a mobile phone or computer. This would be a far easier route than reverting to a personal email account.
Personal email accounts exist outside of the IT department’s control. They are not subject to backup, archiving, security or governance, so using them for business is a clear violation of compliance regulations. And since personal emails are not stored on company servers, discovery and FOIA requests are seriously compromised, presenting legal risks to your business.
What are the legal risks involved in using a personal email for business purposes?
Your company’s information is stored on mail servers in many out-of-reach places when employees are allowed to use personal email accounts to conduct business. These places could be anywhere without knowing where your company’s data is being stored. Third parties such as Managed Service Provider (MSP) services would be required to help track where the data is transmitted and subsequently stored.
Understanding the risks and implications of using personal accounts for business is not always evident until there are internal investigations. In these cases, those personal email accounts may contain relevant information that must be available for search and retrieval.
In standard legal discovery procedures, personal emails are not discoverable. This makes even the simple act of discovery difficult. Google, for example, prohibits external scanning of users’ emails, meaning the company will have to order the user to scan their emails themselves and runs a massive risk of spoliation sanctions.
If an employee is using personal email accounts to send business-related emails using a company device, it doesn’t mean the company has the right to search through those emails.
Corporate risks involved in using a personal email for business purposes
Allowing employees to use personal email for work poses serious risks of IP theft, losing company privacy or violating customer privacy, and disrupting network operations due to exploits that can be carried out on unsecured computers.
Personal email compromises company secrets and exposes company correspondence to unrestrained searching. This may result in the need for computer repair or IT security maintenance.
Continuity could pose a threat if an employee decides to leave a company. Those emails would leave with the individual, which could contain valuable and relevant information. This information could make future searches difficult.
Employees might use a personal email address to set up functions critical to your company’s daily operations. The employee’s email address then becomes the sole owner of the account, so if that employee leaves, you may have a difficult time taking ownership of the assets they set up on the company’s behalf.
In short, many risks are involved with using a personal email account to conduct business. Therefore it is strongly not recommended.
At Partners Plus, we have more than 30 years of experience in handling any IT problems that rear their ugly heads. From data backups to Dark Web monitoring, we are committed to protecting your business, whether it’s a small or medium-sized business.