On 2013-09-17 Max Kington <mking...@webhanger.com> wrote:

[snip]
> Hence, store in the clear, keep safe at rest using today's archival mechanism 
> and when that starts to get dated move onto the next one en-masse, for all 
> your media not just emails.
[snip]

I would tend to agree for environments with very high regulations, where the 
need to comply with regulations is more important than the need to keep data 
confidential.
I would suggest to balance that for every organisation. The risk to disclosure 
is much higher if data is stored unprotected. Any admin with access to the file 
system is able to read it.
Maybe this could be a cultural difference between US and Europe, the regulative 
pressure in US is higher, in Europe the privacy is more important or more 
protected.
I agree that both ways may be the right implementation for an organisation, but 
this has to be a management decision, balancing the needs.

Best regards

-- 
Christoph Gruber
"If privacy is outlawed, only outlaws will have privacy." Phil Zimmermann

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography

Reply via email to