By Kim Tong-hyung
Staff Reporter
A female Suwon City employee frequently uses her Naver (www.naver.com) e-mail account at work, saying it is more convenient for moving large files than her suwon.ne.kr office account.
However, with the government's strengthened security rules blocking public workers from using e-mail services from Internet companies starting Oct. 1, Kim expects an annoying adjustment period.
``It's hard to deny that the commercial companies are providing better e-mail services,'' she said. She requested her name not be used.
``I have experienced errors more than once when I used my office account to send large files, and sometimes I have to divide the content and send it separately, which is inconvenient for everyone. Now, they are suddenly stopping me from using my Naver account, but I am skeptical if our in-house e-mail service has gotten any better.''
Prevented from using her favorite e-mail account is just one of the many changes Kim will be experiencing in the cubicle.
She will be banned from downloading files on storage devices, only permitted to use ``listed'' USB sticks provided by her employers, and also prevented from exchanging files on Web-based storage sites such as Webhard (www.wehbard.co.kr), which are immensely popular among business users.
And with the Ministry of Public Administration and Security planning to make a blacklist of sites prevented access in public buildings to clamp down on ``work disruption,'' life in the office is about to become a lot duller for those on the state payroll.
According to the guidelines announced by the ministry earlier this month, public workers are banned from using e-mail services provided by commercial companies like Naver, Daum (www.daum.net), Google (www.google.co.kr) and MSN (www.msn.co.kr).
Instead they will be required to use the korea.kr accounts, a comprehensive e-mail service for government workers. They will be allowed to keep their in-house e-mail accounts only if their organizations upgrade the security level of their e-mail system to new standards provided by the ministry.
``The korea.kr e-mail services allows users a storage of 2 gigabytes, so moving big files won't be much of a problem,'' said Kim Jong-oh, an official at the ministry's information protection bureau.
``Preventing workers from using their personal e-mail accounts and their own USB sticks will cause inconvenience at first, but it is a small price to pay to strengthen protection of crucial government data. It is true that the government e-mail accounts are more easier to track down in cases such as hacking,'' he said.
Kim said the ministry is also planning to introduce an Internet storage site for government users, who need an alternative to Webhard and other commercial sites.
The tougher security measures come at a time when the country has been rocked by a slew of public and private sector data breaches.
Recently, a group of rogue employees at GS Caltex were arrested for downloading the private information of more than 11 million customers on DVD discs and attempting to sell them on the black market.
And in a bizarre incident last month, more than 900 customers of mobile-phone operator SK Telecom found their names, credit card numbers and bank accounts become a Google search result.
Government organizations were also exposed for their loose security as well. In April, the presidential office of Cheong Wa Dae admitted that it's data center had been attacked by hackers.
And in August, an employee at the Ministry of Education, Science and Technology accidentally posted the personal information of more than 7,000 public workers ― including names, jobs, mobile-phone numbers and log-in IDs for government networks ― on the ministry's Web page (www.mest.go.kr).
Although many government workers are frustrated about the constraints on e-mail use, employees at private companies don't understand what the problem is about. Many Korean companies have similar security measures, banning employees from accessing certain sites and tightly controlling the exchange of data through e-mail or instant messaging services.
``We can't even think about downloading USBs and we can't even send a single e-mail without approval,'' said a SK Telecom employee.
However, critics argue that the government's decision to introduce a unified e-mail service for public workers makes them further vulnerable to surveillance, and thus, exposes them to further danger of privacy infringement.
And, as evidenced by the Science Ministry case, data leakage is often a result of human error and the loose control over public organizations sharing their personnel data than solely of e-mail systems.
``Malicious code attacks happen more frequently through the Web than from e-mail accounts, so preventing public workers from using Naver and Daum wouldn't make a significant difference from a security stand point,'' said an official from a local software developer.