Should You Mix Business and Personal Email?

Is It a Good Idea?

Photo: Gregor Schuster / Getty

Whether or not you use your company email account to send personal emails is primarily up to the company. It is up to your employer to establish policies and guidelines that govern the use of their network resources. Employers should have employees read and agree to an Acceptable Use Policy (AUP) that outlines what is allowed and what is not before granting them access to network resources.

What about using your personal email account to conduct business?

Again, the answer is that it is probably not wise. Does your personal email account have the same strict password rules as your company email account? Are the communications between your computer and the personal email provider's servers secured or encrypted in some way? If you send sensitive or confidential information, can it be intercepted, or will a copy be cached or stored on the email servers?

In addition to these questions, if your company falls under compliance mandates such as Sarbanes-Oxley (SOX) there are requirements concerning the protection and retention of email communications related to the company. If you work for a government agency there is a good chance that your communications are subject to some sort of Freedom of Information rules. In either case, sending official information on your personal account would place it outside of the controls in place to protect and retain email communications.

Doing so is not only a compliance violation, but also gives the appearance of a willful and intentional attempt to circumvent the system and covertly hide your communications.

There is no better illustration of why mixing personal email with work email is a terrible idea than that of Hillary Clinton's use of a private email server during her time as Secretary of State.

This was one of the most public cases of why you shouldn't do something like this. Not only does it go against government policy. It's just not a good idea because personal email accounts typically don't have anywhere near the amount of technical safeguards that government systems do. Not that government systems are perfect, but they are typically configured in such a way as to attempt to minimize security threats.

On the other side of the aisle, One time Republican Vice Presidential nominee Sarah Palin, former Governor of Alaska, learned the hard way that personal email accounts do not provide the same level of security as the Alaskan government email system. A group calling themselves 'anonymous' managed to hack into her personal Yahoo mail accounts. 'Anonymous' made a handful of the email messages public, more or less to prove they had actually hacked the account. Some of the message titles and recipients seem to support rumors that she may have used her personal email specifically to keep ethically-challenged subject matter out of the Alaskan government email system and outside of any Freedom of Information requirements.

I am not sure yet how 'anonymous' was able to gain access, but make sure you follow good practices when creating passwords even for your personal accounts.

But, secure passwords or not, use sound judgment and follow the rules when deciding whether to mix personal and business email.

Some other great resources on email security include the following

Editor's Note: This legacy article was updated by Andy O'Donnell