Merrill Lynch shackles employee Net access
Third-party email services banned
Merrill Lynch today introduced a company-wide ban on access to third-party email services from corporate PCs.
In a memo to staff, the investment banker said it was prohibiting workers from picking up or sending email through Hotmail, Yahoo, AOL and the like because of "regulatory requirements" and as a means to cut off a possible route by which viruses might enter its network. Access to external message boards, chat rooms or forums have all become proscribed activities for Merrill Lynch workers. Using home email accounts at work have also been outlawed.
Merrill Lynch's ban extends rules that apply to workers on Merrill Lynch's trading desk across its 48,000-strong global workforce.
"We believe it is appropriate for that policy to be extended throughout the firm, without exception, to help ensure that electronic communications to and from Merrill Lynch facilities are subject to proper monitoring and surveillance," said the memo, a copy of which was obtained by Cnet.
Merrill Lynch's hard-line policy is similar to those already introduced at rival investment house Goldman Sachs. Access to external Web and Internet services is being closely controlled - or banned outright - across the investment banking community as part of wider regulatory changes introduced in the wake of the Enron affair.
The growing desire of finance houses to control access to unauthorised services has created a niche security market, with employee management firms like Websense and numerous others only too happy to step into the breach.
Meanwhile, related industry developments have boosted the market for enterprise class Instant Messaging products, which provide enhanced security and auditing features over mainstream IM products from AOL, MSN and Yahoo. ®
EDS bans IM
Memory sticks are the latest security risk
Personal storage sites are the latest 'security risk'
Websense hopes to filter more than just the Web
Net 'misuse' costs corporate America $2000 per second
Sponsored: Protecting mobile certificates