Wells Fargo to [offer] Personal Online Safe for storing electronic copies of important materials, such as financial statements, loan and tax documents, wills, passports, and birth, marriage and death certificates: https://www.wellsfargo.com/press/2008/20080319_Online_Safe

There are three crucial issues with respect to any archival store, whether online or in your own home or business.

The first is survivability. What guarantees are provided against human errors (e.g., the data was deleted because someone forgot to pay the monthly storage bill, or the credit card bounced, etc.), software errors, hardware errors, theft, and natural disasters such as fire, flood, earthquake and the cat knocking the disk drive onto the floor? And what provisions are made to recycle and refresh the data so that it remains readable for the next 20, 50, or 100 years?

The second is access control. What mechanisms are in place to prevent unauthorized deletion, modification/update/replacement, etc., and what kind of strong identification and authorization mechanisms will be used for that purpose? It doesn't matter how strong an encryption algorithm was used if someone can delete my data, either deliberately or accidentally. And as banks have been notoriously reluctant to implement strong I&A controls for banking purposes, e.g., the use of smart cards, I would be rather surprised if they were to start doing so for this service.

The third, and either the most important or the least important, depending upon the sensitivity of the information, is the privacy and nonrepudiation guarantees provided by the service. Can the archival store itself read the data? Can they modify or replace it without detection? Personally, I wouldn't trust any service offered by a bank or any other institution if they are doing the encryption at their end, for if they can encrypt it they can almost surely decrypt it, modify it, etc. Likewise, I wouldn't trust any service that depends upon the security of my browser, which after all reaches out and touches all sorts of sites, and could very easily be compromised without the user even knowing it - an increasingly common "man at the end" attack.

IMHO, the third issue, security and nonrepudiation, can ONLY be guaranteed through the use of a hardware-based file encryption device, e.g., the SPYRUS Hydra PC. The first two, survivability and access control, are still very important, and must be addressed through strong contractual obligations.

Unfortunately, the Wells Fargo press announcement doesn't answer any of those questions.

Bob

_______________________________________________
FDE mailing list
[email protected]
http://www.xml-dev.com/mailman/listinfo/fde
