Email operations and email archiving needs to have safe and secure protocols in place, especially if the corporation is under the purview of a privacy-related piece of legislation, such as HIPAA or Sarbanes-Oxley. Generally, the best way to ensure that those privacy protocols are put in place is to avoid cloud-based email and storage services.

Google continues to try to get a seat at the enterprise with Gmail, and this week, some of the industry’s heavy-hitters took Google to the task over the issue. An open letter to Google’s CEO Eric Schmidt says the company is putting users at risk unnecessarily, and that encryption should be enabled by default on their web-based apps, including Gmail.

Currently, SSL is used only during login, after which, all browsing is unencrypted, unless the user takes an active step to return to the https protocol. Unless that step is taken, which most users will not do, the user is vulnerable to attack and theft. In most cases then, Gmail is run in the clear–which is completely unsuitable for corporate use.