Automatically Forwarded Email Policy
Purpose
To prevent the unauthorized or inadvertent disclosure of sensitive company information.
Scope
This policy covers automatic email forwarding, and thereby the potentially inadvertent transmission of sensitive information by all employees, vendors, and agents operating on behalf of (^Company^).
Policy
Employees must exercise utmost caution when sending any email from inside (^Company^) to an outside network. Unless approved by an employee's manager InfoSec, (^Company^) email will not be automatically forwarded to an external destination. Sensitive information, as defined in the Data Classification and Protection Policy, will not be forwarded via any means, unless that email is critical to business and is encrypted in accordance with the Acceptable Encryption Policy.
Policy Compliance
Related Standards, Policies and Processes
- Acceptable Encryption Policy
- Data Classification and Protection Policy
Definitions and Terms
The following definition and terms can be found in the SANS Glossary located at:
https://www.sans.org/security-resources/glossary-of-terms/
- SMTP
- Forwarded Email
- Sensitive Information
- Unauthorized Disclosure