I think everyone is missing the point here.
Everyone knows that email is insecure.
Everyone knows that system administrators have to be trusted, at least
to some degree.
For the system administrator to read someone's email in our current
system, he would have to put a sniffer on and redirect a copy of the
email somewhere else. He could also log on to someone's computer and
read their email.
Those are things that we would expect a sys admin not to do.
IMAP, especially on a database, changes the picture because while the
sys admin is doing routine maintenance it is so easy and untraceable to
search for keywords (such as his name or the word salary) that even a
"trusted" system administrator will do this. When the CFO gets salary
information emailed to her (internally, never hits the Internet), she
would like that to be not easily accessible to the system administrator.
Can he log on to her machine and read her email? Yes.
Will he? Probably not.
Will he search through the database out of curiosity? Probably.
I have heard a lot of complaints in the business world that CEOs, at
least those that understand the power of the system admin, would like a
better security model. Our CEO has password protected documents on his
personal computer, so that they are harder to read. He knows that the
password can be broken by someone with Password Cracker or whatever, but
that involves putting in effort, not just curiosity.
_______________________________________________
DBmail mailing list
https://mailman.fastxs.nl/mailman/listinfo/dbmail