Bug 61177 - SMEs need these Security Features in Mail and Web Clients
Summary: SMEs need these Security Features in Mail and Web Clients
Status: RESOLVED WAITINGFORINFO
Alias: None
Product: kmail
Classification: Applications
Component: general
Version: unspecified
Platform: unspecified Linux
Importance: NOR wishlist
Target Milestone: ---
Assignee: kdepim bugs
URL:
Keywords:
Duplicates: 61191
Depends on:
Blocks:
 
Reported: 2003-07-13 12:53 UTC by Unknown
Modified: 2012-08-19 01:01 UTC
Description Mike Hudson 2003-07-13 12:53:36 UTC
Version:            (using KDE KDE 3.1.2KDE 1.2)
Installed from:    Unspecified
OS:          Linux

A major (and well founded) fear of Small and Medium Enterprises (like mine) is theft of company data by employees; especially employees that might like to set themselves up in competition and give themselves a head start by taking years of accumulated company data, customers, suppliers etc, with them; and also disgruntled employees who might pass on sensitive data to competitors, customers, or suppliers, before leaving. Employee theft generally causes 30% of all business failures according to the U.S. Chamber of Commerce. Whilst data theft may be only a small fraction of total theft, the value lost and damage done to a business may be much greater than the loss of tangible goods. 

What many companies don't fully realise, until it is pointed out to them, is that their email clients and web browsers provide their employees with the perfect means to steal their sensitive data, effectively without trace. It is simple for users to accumulate data in files that can then be attached to an email/webmail message, or sent in the body of a message itself. Much easier than unauthorized copying to floppies (of which more companies are aware) with almost no risk of getting caught.
Normally companies would be totally unaware of this activity. Even if they have suspicions, most SMEs can't run sophisticated content/attachment filtering to detect this activity, and even if they suspect something has happened, don't have the technical resources to recover deleted messages. 

Most smaller companies don't run their own SMTP servers, so the only possibility for monitoring this sort of activity is in the client software. Monitoring should be far more effective in integrated web and mail clients because it allows all forms of messages and attachments that can be generated by the clients to be monitored eg: webmail as well as email. Naturally this sort of security is more effective in an inherently secure OS like Linux rather than Windows :)

The highest priority feature for SMEs would allow root to designate directory(s) from which files could be attached to email/webmail. Attachments from any other directory would be prohibited. Steganographic images hiding illicit content would also be prevented by default. The company could maintain directory(s) of approved attachments eg: of sales material, and be confident that other data could not be stolen in this way. It would also give clear feedback to users that internet activity is monitored and restricted, possibly deterring other attempts - especially if an 'error' message indicated that the prohibited activity is logged.

Other simple-to-use optional features could log and warn of other suspicious mail eg: with suspicious content in the message body:-

Messages over a specified length, all messages to specified destinations, and all encrypted messages (where encryption itself would be suspicious) could be logged and copied to a user-inaccessible file. A warning could then be mailed to root or some other security administrator. Anyone sending stolen data in the body of emails is likely to send relatively long messages, or multiple shorter messages to their own private address.

Logging the destinations of all messages from each user would probably be the minimum default level of monitoring, and would show suspicious frequent destinations whose messages should be copied and inspected.

As with all employee monitoring, employers have a responsibility to advise their employees of the policy, and should check local legislative requirements.

Once SMEs are fully aware that they currently have no security to prevent data theft by email/webmail, it is a major worry, and would be a high value selling feature of any web/mail clients offering a solution. I would gladly pay a premium for an SME version with this sort of security, and *any* security features along these lines will influence my choice of clients as I migrate my existing Windows PCs to Linux.
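
The attachment-directory restriction and the logging rules requested above (long bodies, specified destinations, encrypted messages), sketched as an added example; this is not KMail code and not part of the original report. The threshold, the watched address, and the function names are assumptions made for illustration.

```python
import os
import tempfile

# Hypothetical policy values; the report names the rules but gives no numbers.
MAX_BODY_CHARS = 5000
WATCHED_DESTINATIONS = {"private@example.org"}  # constructed address


def attachment_allowed(path, approved_dirs):
    """True only if the fully resolved file lies inside an approved directory."""
    real = os.path.realpath(path)  # resolves symlinks and ".." segments
    if not os.path.isfile(real):
        return False
    for d in approved_dirs:
        root = os.path.realpath(d)
        # commonpath compares whole path components, so a sibling such as
        # /srv/approved-old is not treated as being inside /srv/approved.
        if os.path.commonpath([real, root]) == root:
            return True
    return False


def review_outgoing(recipients, body, attachments, approved_dirs):
    """Return (blocked_attachments, log_reasons) for one outgoing message."""
    blocked = [a for a in attachments if not attachment_allowed(a, approved_dirs)]
    reasons = [f"prohibited attachment: {a}" for a in blocked]
    if len(body) > MAX_BODY_CHARS:
        reasons.append(f"body length {len(body)} exceeds {MAX_BODY_CHARS}")
    watched = sorted(WATCHED_DESTINATIONS & {r.lower() for r in recipients})
    reasons += [f"watched destination: {r}" for r in watched]
    if "-----BEGIN PGP MESSAGE-----" in body:
        reasons.append("encrypted body")
    return blocked, reasons


def demo():
    """Constructed layout: approved dir, private file, symlink pointing outside."""
    with tempfile.TemporaryDirectory() as tmp:
        approved = os.path.join(tmp, "approved")
        private = os.path.join(tmp, "private")
        for d in (approved, private):
            os.makedirs(d)
        brochure = os.path.join(approved, "brochure.pdf")
        customers = os.path.join(private, "customers.csv")
        for p in (brochure, customers):
            with open(p, "w") as f:
                f.write("sample")
        link = os.path.join(approved, "innocent.pdf")
        os.symlink(customers, link)  # resolves outside the approved directory
        return review_outgoing(["Private@Example.org"], "x" * 6000,
                               [brochure, link, customers], [approved])
```

The check resolves paths before comparing them, so a symlink placed inside an approved directory is judged by where it points. As comment 3 in this report notes, a check inside one application does not constrain other programs that can read the same files.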
Comment 1 Thiago Macieira 2003-07-15 17:54:27 UTC
*** Bug 61191 has been marked as a duplicate of this bug. ***
Comment 2 Stephan Kulow 2004-06-01 19:12:42 UTC
Replaced MikAHud@hotmail.com with null@kde.org due to bounces by reporter
Comment 3 Ashley J Gittins 2008-03-19 06:51:58 UTC
Even for a wishlist item this is very hand-wavy and non-specific. It also strikes me as somewhat misguided - it will not be possible to provide any sort of guarantee of data security with this plan as it is app-dependent and path-dependent. You would need to apply these rules to everything from kmail to the cat and cp commands. This job belongs to perimeter security, not the applications.

Suggest this be marked INVALID/WONTFIX.
Comment 4 Myriam Schweingruber 2012-08-18 08:42:49 UTC
Thank you for your feature request. Kmail1 is currently unmaintained so we are closing all wishes. Please feel free to reopen a feature request for Kmail2 if it has not already been implemented.
Thank you for your understanding.
Comment 5 Luigi Toscano 2012-08-19 01:01:42 UTC
Instead of creating a new feature request, please confirm here if the wishlist is still valid for kmail2.