============================================== -----Original Message----- From: "Edward Jaffe" <[EMAIL PROTECTED]> Sent: 7/26/2006 9:17 AM To: "[email protected]" <[email protected]> Subject: Re: snding svc dumps
Veilleux, Jon L wrote: > I believe that IBM has a facility for shipping encrypted dumps. Other > vendors need to be able to encrypt also. Secure transportation of the dump is not the issue. His issue is with confidential data in the dump being viewed by the support team trying to solve his problem. Having looked at more than my share of customer dump, I'm interested to hear some of the responses. -- Edward E Jaffe ============================================== For confidential data (but not classified data), that is an issue to work out between the ISV and the customer using their non-disclosure agreement(s). The ISV would very likely be viewed as a subcontractor with regard to the federal and state regulations protecting consumer privacy, and must certify compliance the same as the customer. For classified data, the support team must have the appropriate level of clearance and some combination of: 1. Review the dump on site with proper supervision. 2. Use a certified mechanism for delivering and securing the dump. The may involve couriers, secure channels, and a secure system (maybe as high as level B1 security) for analyzing the dump. 3. Use a certified mechanism for destroying the dump (and maybe the media too) when the problem is resolved. Jeffrey D. Smith Farsight Systems Corporation 24 BURLINGTON DR LONGMONT, CO 80501 303-774-9381 direct 303-709-8153 cell 303-484-6170 fax ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
