No. Mason employees and authorized individuals operating on behalf of Mason are required to use their assigned Mason email accounts for all university business (see Employees' Electronic Communications). Violations of this policy open the university to risks, including:
- Phishing: Using non-Mason email to conduct university business can confuse the recipient and make it harder to differentiate official emails from phishing attempts.
- Mason's email systems include robust protections against spam, phishing, and malware, as well as contractual obligations on the part of the provider. The university has no control or insight into protections that may or may not exist in non-Mason email systems.
- ITS is unable to investigate complaints regarding abuse or misuse of emails that originate from non-Mason addresses.
- The university must be able to respond to legal holds and Freedom of Information Act (FOIA) requests. Personal email accounts may become subject to scrutiny in response to a subpoena, FOIA request, or other legal actions if it becomes necessary to retrieve university-related emails.
- All email messages forwarded to Mason email accounts become part of the university's electronic records and are archived in accordance with Mason's data retention schedule and practices. Sending protected data, including Personally Identifiable Information (PII) or Family Educational Rights and Privacy Act of 1974 (FERPA) data, through a non-Mason email provider violates state and federal regulations.
Employees who use their own devices for university work should ensure they are configured to use Mason's email system for work communications. For additional background on the information above, refer to the Faculty Senate Email and Research Policy Task Force Report.