Hitting Reply-All could be a security risk? [video]

Not just annoying, it also causes headaches for the IT security team

By , YouTube |  Security, e-mail list, reply-all

If you’re a fan of trying to get rid of Reply-All Syndrome (the condition by which an employee at a company feels the need to consciously or sub-consciously hit the Reply-All button to an e-mail sent to a lot of people, instead of just the sender), this week is a good week for you.

First, one of the more entertaining Super Bowl XLV ads was from Bridgestone, in which an employee “accidentally” hits Reply-All to an e-mail message, and then has to destroy every computer or mobile device that could access said e-mail.

Enjoy this “extended version” of the ad, which gives our hero a bit of revenge at the guy who pranked him:

Now comes word that Reply-All behavior may be a security risk.

In this video (below) from AT&T’s Chief Security Officer Ed Amoroso, he says that not only is it good etiquette by not hitting the Reply-All button on e-mail, but that it’s a good security practice as well.

“All too often we see Reply-All, Reply-All, Reply-All growing to some sort of a mail storm,” Amoroso says in the video, “that to a security team sometimes looks like it might actually be a virus raging out of control.

“… you’d be amazed at how many times during a week, reply-all storms and reply-all threads grow into something that makes a security team stop and wonder, hey, does this have some automated or malware component to it.”

It’s clear that attempts to appeal to people’s civility and etiquette style haven’t worked, otherwise we would have never seen the Bridgestone ad at this year’s Super Bowl. Maybe by linking this behavior to a security threat (IT can use the same approach of “Hey Dummy! Don’t open that e-mail attachment if you don’t know who it’s from!”), we’ll see a decrease in this behavior.

And if that doesn't work, we can return to my original idea of beating the Reply-All violator with sticks (just kidding!).

Join us:






Answers - Powered by ITworld

Ask a Question