What are your insights about companies using Functional Email accounts for certain groups? For example, [email protected] would be used by the Accounts Payable group for vendors can email their invoices to one specific email account rather than the multiple AP employee accounts. Other examples could be [email protected] or [email protected] The email is accessed by one or two employees who own the account and monitor the email traffic daily. Our IT group has created a new policy that says Functional Email accounts are not being issued anymore because they are a risk for someone breaching our network. I haven't spoken to IT yet but wanted to get some input on what I should consider so I educated enough to have a meaningful conversation with them? Should Functional Email accounts be allowed and what are the risks to consider? Thank you for your thoughts.
Are Functional Email Accounts Risky?
Answers
Why would a function email address be any more at risk than a normal email address.
If the address is a box vs alias, then a password could always be cracked, the address (and those who log into it) could be phished, etc.
Well if it is an alias or distribution list the chances are the same.
Btw, each individual who either logs into the functional email or is part of the alias distribution list is also subject to the same risks on their personal mail addresses.
I think, contrary to a meaningful reason, they just don't want the "extra" work.
I have found them very useful. At one company we used an [email protected] address. Three people accessed it and the workflow sped up as the workers knew I could monitor completion of the tasks. Part of their annual review was based upon volume of work so at times I even had to stop one person from "hogging" all the tasks. Needless to say, that was not my toughest problem to solve!
As for risks, it would seem that scammers have a better chance at getting someone to open up a malicious file if it's sent to a function box. The employees would need to be trained to recognize these scams.