Hi,

Privacy is the fundamental argument against this practice; various other
logs are commonly used so we can't get on our principles now.  In the UK
most users don't expect it so that would be my only concern: if you're
going to log then the users should know so they can alter their
behaviour accordingly.

My core criticism is purely technical - no-one in this thread has been
able to argue that it can stop even the most slightly malevolent;
instead on the pro side it will protect against 'accidental leakage'. 
The problem then becomes that the tool no longer fits the requirements,
management wants something to stop the movement of private data out via
electronic mail, not something that will stop 'some' usages of key
words.  As Fred points out this doesn't mean that a security solution is
useless just because it is only 65% effective; but I would add the rider
that a solution is useless if management doesn't understand the
limitations.  Part of our job is to guide them in this and work out
where cost/effort make the technique questionable.

So if you want to stop accidental loss then use such a tool; if you want
to really stop information getting out then use an AUP and randomly read
emails.

Does anyone know of any other good products that might be able to blow
my arguments apart ;)

Steve

>>At 01:10 PM 1/14/99 -0500, Evan Brastow wrote:
>>>> Don't try to solve social problems with technology.<<
>>.. My answer is always no. That's a personnel issue, not a
>
>Seems to me we have come a long way from "the security mechanism enforces
>the security policy of the organization, if it can. it does not enforce a
>policy of its own."
>
>Granted, there are people who want intrusion detection systems with
>psychic powers, but the requirement that a device filters incoming content
>for viruses, or outgoing messages for certain key words is certainly easy
>to do programmatically. If you don't want to do it on grounds of principle,
>and I'm the boss, we might just terminate our relationship. If it is a
>matter of "it just cannot be done," or "it cannot be done while still
>keeping the system usable," then our job is education. 
>
>But that is not where this discussion has gone. It seems like it keeps
>coming back to whether we think it *should* be done, not *could* be done.
>
>Fred
>Avolio Consulting
>16228 Frederick Road, PO Box 609, Lisbon, MD 21765
>410-309-6910 (voice)       410-309-6911 (fax)
>http://www.avolio.com
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]