(Paul Mah, TechRepublic) The rush to open e-mails via the network can lead to potential leaks via mobile devices and other unsecured devices. Smartphone device loyalty will trump standardization in the enterprise. While it is conceivable for IT departments to lock down access at every nook and cranny, the truth is not every organization will have the resources or expertise to do so. Let's highlight some possible avenues that might result in the inadvertent leaking of sensitive e-mails.

Avenues for e-mail leakage
One common scenario would be IT-savvy employees linking up their personal laptops to their company’s Exchange Server. Obviously, these additional workstations represent additional points of vulnerability, especially so if they are used outside the company premises. While it is possible to disable or block HTTP access to forcibly divert the access of e-mails to the LAN, this is hardly a practical solution against the backdrop of an increasingly mobile workforce. In this context, the use of VPN does not protect against the risk of e-mail leakage.

For organizations on Microsoft Exchange, it is trivial to enable Exchange ActiveSync to allow mobile devices such as Windows Mobile smartphones to access corporate mailboxes. However, this also opens the door to devices such as the Apple iPhone or iPod Touch, as well as other mobile phones that implement the Microsoft ActiveSync protocol. Organizations concerned about the security of such devices can, of course, disable such access from Exchange. However, Exchange push mail represents the most affordable option for many SMBs; they will be hard-pressed to pay for the steep licensing fees to implement a secure BlackBerry Enterprise Server with RIM BlackBerry solution.