Yup. Happens all too often. Fortunately, we have a great InfoSec guy here, who reports directly to the CIO, and the CIO has fairly broad veto power over almost any business initiatives.
Doesn't hurt that the CIO is brilliant either. -------------------------------------------------------------- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis Inc. > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Wednesday, February 26, 2003 9:50 AM > To: Exchange Discussions > Subject: RE: Exchange server level encryption > > > On Wed, 26 Feb 2003, at 9:33am, [EMAIL PROTECTED] wrote: > > It sounds like they're pushing for 100% encryption of all > email, which > > is well beyond my understanding of the expectation under the law. > > While I don't know about this particular case, I've seen > such reactions before in similar, non-HIPPA cases. It goes > something like this: > > Security becomes a concern. Of course, you cannot have > security without a good security policy that defines your > information assets, risks, threats, counter-measures, and so > on. Nor can you have security without user understanding and > education. So the IT guys tell the PHBs that their existing > policy of driving blindly through the fog is a bad idea. The > PHBs react by coming up with crap ideas like "everything must > be encrypted" > (without even knowing what encryption actually *is*). > Actually fixing their management structure would cost too much. > > -- > Ben Scott <[EMAIL PROTECTED]> > | The opinions expressed in this message are those of the > author and do > | | not represent the views or policy of any other person or > organization. | > | All information is provided without warranty of any kind. > | > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
