Contrary to Popular Opinion, Webmail is Not Dead!

Matt Keil


Category: Uncategorized

The rapid expansion of social networking, video chat and micro-blogging has led to some speculation that webmail is dead or dying. Like Mark Twain famously said, “the report of my death was an exaggeration,”  the same holds true for the claimed death of webmail.

Looking at traffic patterns on enterprise networks over the past 2 years, summarized in the Application Usage and Risk Reports, shows that the use of webmail applications remains very healthy and shows no signs of getting old, ill or dying. Several data points support this finding.

  • Webmail traffic, as a percentage of overall traffic has increased over the four reporting periods.
  • The frequency that webmail was found within the participating organizations hovered between 93% and 96%.
  • The number of application variants found in use increased from 24 to 33, yet the same five applications remain the most commonly used.
Spring 2009 Fall 2009 Spring 2010 Fall 2010
Bandwidth as a % of Overall Traffic 0.04% 0.01% 0.21% 1%
Frequency Of Webmail Overall 96% 95% 93% 95%
Gmail Frequency 96% 95% 99% 94%
Hotmail Frequency 96% 94% 90% 91%
Yahoo Mail Frequency 96% 92% 88% 89%
Facebook Mail Frequency 87% 78% 67% 79%
AOL Mail Frequency 91% 68% 55% 54%

*Chart updated 11/14/2010

As the data shows, webmail use is strong and vibrant. The use of these applications however poses certain business and security risks. Regulatory compliance within specific industries such as financial services, data loss via file transfer features, malware propagation and vulnerability exploits are the key risks that organizations are exposed to when webmail is in use.

Webmail applications enable more efficient communications so the benefits are very clear. The challenge for IT is to maintain network security while enabling a set of applications that most people would view as being used more for personal, not professional, purposes.

The business benefits make the unreasonable “block all webmail” an inappropriate response while the “head in the sand, allow all” approach is equally inappropriate due to the business and security risks. Organizations need to follow a systematic process to develop, enable and enforce policies that allow the use of webmail in a controlled yet secure manner.

Matt

1 Reader Comment

  1. From a personal point of view they are unbeatable, I have finally convinced my father to open a Gmail account instead of having to notify everyone that his email has changed when his ISP does! From a business perspective – can serve a purpose but obviously a professional domain goes a long way…

    Stewart Higgins
    Intranet Expert
    Intranet Software

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42


SUBSCRIBE TO RSS