Netmail Blog

Is Mail Drop for Business?

Posted by Frederic Bourget

Jun 5, 2014 4:10:00 PM

Tuesday, Apple introduced Mail Drop. A new feature of their mail client that allows end users to send a large file transparently even if their mail server limits the size of attachments. They use their iDrive (cloud storage) to transmit the file and the end user sees a link to the file when not using Mac Mail. Microsoft announced something similar at MEC using OWA and Outlook which would allow large files to be sent transparently using Skydrive as storage. 

These systems will be great for end users when they become available. They finally allow users to continue to work transparently in email without pushing server side limitations and storage management problems on to users.

For all of us, these are great enhancements. It means we will not have to use third-party drive services to send large files to our friends and family. It means we wont't have to give our identity to yet another company for drive service, to risk our personal security again on the internet. It also means that I will not have to teach my mother how to use Dropbox or another online service, since these new features will be  integrated in the product she already uses and loves. Finally, email client software developers are now putting users first by thinking about their problems and solving them. Like many other applications these days, these new features are enabled by the cloud. The availability of high bandwidth to the end user now creates the possibility of making services available online.

But what about for organizations? Organizations provide additional services to their employees and require specific functionality to operate. These services were really designed with the consumer in mind. The first problem I can think of with these services is inbound security. I now have another path to verify for information. This allows for obfuscated malware distribution. When received in Outlook or in Mac Mail, these attachments will be shown directly in the message. It is not clear at this point if the client downloads the file automatically or only on open and it is not clear either if this download is over https. But there is major concern as to how viruses could bypass security to enter the organization. Imagine spearfishing with these services? One could craft a message that transparently delivers a malicious payload to someone¹s computer.

In addition, when an email leaves the organization, it is filtered for content using DLP (Data Leak Prevention) to ensure that confidential information, such as medical records, stay confidential. In this case, what we are doing is creating a bypass path for files. Now files will be able to be exchanged with another party without any oversight. The filters that look into documents and suggest encryption of confidential files will no longer be applied. In the healthcare industry, to name one, this will be an issue as executives are personally responsible for HIPAA compliance.

Finally, emailis also archived for legal retention. Most organizations must retain critical records regarding the ongoing operation of their business for a number of years. With attachments now being replaced by links, the attachments will not be archived. So a part of the organization¹s critical information will not be captured. How will organizations be able to run eDiscovery properly. There is cause for great concern with respect to using these consumer tools in organizations. Unfortunately, it is difficult for organizations to prevent the usage of these technologies. While they may help alleviate some of the mail server bloat organizations are experiencing, they are also distributing information in a way that leaves the organization high and dry.

Wouldn't it be nice to have a solution that offers the benefits without the challenges? A solution that provides the benefit of sending large files transparently over email for end users but still fully integrates transparently with email archiving, inbound security, outbound filtering, and reduces the size of the email database? Netmail Detach has been providing just that (and a lot more) and has been available for over a year.

Topics: Email Attachments, Attachment Management, Detach