In the event that a company can’t prevent a cyberattack, it can be prepared by having nothing to hide and teaching employees to be careful with what they email, say internal communications professionals.
Hacks similar to the one that leaked Sony Pictures Entertainment executives’ offensive and embarrassing emails and confidential employee information last month are likely to affect 60% or more brands in 2015, according to Forrester analysts.
Although it is common sense that anything written in an email has the potential of being forwarded or discovered, this kind of incident keeps occurring, says Tom Piechura, MD of 42West’s East Coast movie marketing division. He says people have become accustomed to the belief that they can type just about anything in a text or email with little consequence and full confidence in its private nature.
Among Sony’s exposed emails were interactions between the entertainment company’s executives containing snide comments about actress Angelina Jolie and racially insensitive jokes about President Barack Obama. Sony’s co-chairman Amy Pascal met with prominent black leaders in New York on Thursday in an effort to mend fences over the Obama comments. Employees’ Social Security Numbers and detailed and identifiable health information on the company’s staffers, their children, and spouses were also leaked.
Richard Funess, a senior managing partner at Finn Partners, associates peoples’ lack of concern with what they write in email to its omnipresence.
"Email is there all the time and people just forget and think what they write doesn’t matter," he explains. "People don’t really take this kind of thing seriously until something like this happens."
While companies’ IT departments should ensure cyber security programs are up to par to stop hacks from happening in the first place, Linda Kingman, EVP of Golin’s employee comms practice Insidedge, says internal comms teams should constantly remind staffers that they shouldn’t view email as a private conversation.
"That’s just not reality," she says. "Employees need to be conscious, thoughtful, and careful in their approach to email."
In addition, written word can more easily be misinterpreted than an in-person or phone conversation, Funess adds.
"Make sure you vet all comms for anything that could be perceived as bigoted or misconstrued in writing," he says.
But keeping this at the top of staffers’ minds can be tricky. Funess points out that while policies outlining professionalism in emails should certainly be present in employee manuals, realistically they won’t get a second glance after a staffer has been hired.
Further, Ruder Finn CEO Kathy Bloomgarden says it isn’t enough to tell staffers to be careful when emailing – they already know this.
"There has been a lot of focus on what you should and shouldn’t do, but the focus should really be on changing the way employees think and act," she says.
An employee engagement initiative or program, for instance, could help companies change their internal culture in relation to this kind of issue, Bloomgarden explains.
"Companies really need to create an environment of transparency and trust and make people understand, through internal programs, the right way to work within this environment," she adds.
In the end, the key point for all staffers to keep in mind is something Piechura refers to as "an adage that will last until the end of time:" If you don’t want it posted publicly, do not type it in an email.
And, if all else fails, The New York Times’ Farhad Manjoo suggested in a blog that companies should jump on what he calls the "erasable Internet," investing in services like Confide and Snapchat, which immediately destroy digital messages after they have been read.