Content filters wrongly configured and anti-virus software poorly managed...
The vast majority of UK businesses using content filtering to protect their corporate networks do not have the software installed properly.
In addition, around half of firms - including large corporates - do not look after their anti-virus software correctly, leaving them open to cyber attack, according to the MD of security consultancy Peapod UK.
Stuart Morrice told silicon.com that in his experience of auditing company email, up to eight out of 10 firms had not configured their content filtering software correctly.
He said: "The problem is the technical guys are installing this software without knowing what their company's content policy is. They really need to sit down with the human resources department and the directors to work this out.
"If they don't they are potentially opening their company up to all kinds of legal liability."
Content filtering software is used at the email gateway and network firewall to stop unsuitable material, such as pornography, either entering or leaving a company.
Company directors have a duty of care to ensure that information held on company computers meets both their own policies and is legal, and can be held personally accountable in the courts.
Morrice added: "You only have to look at the recent cases where email has been so vital - such as the Enron case, the city lawyers accused of sexism, and now the row with Stephen Byers - to realise what a potential minefield this is both legally and in terms of reputation."
Peter Cox, international VP of firewall firm Borderware, agreed. He said: "People must have the policies in place, and get the board to buy in to them, and then enforce them with their implementation."
Peapod research indicates less than 40 per cent of corporate email is actually business related, and most email systems do not comply with UK law.