>So what happens when that disgruntled employee decrypts >a tape and downloads it to a USB memory stick and walks >out the door with that ???
Data loss (theft) and need to notify - if you even know about it. There are products available for PCs/laptops that will stop data copies to removable media unless its encrypted - but then what about email? This really gets to the point that if you want to protect sensitive data, it has to be encrypted from time of creation - otherwise there is always an opportunity for a copy of it to move somewhere. Heck - even if its encrypted from creation - the 'analog hole' will still be an opportunity for data leaks as account reps or the like talk with customers and have access to view that sensitive information on their monitors. But the point there is that its a smaller amount of data - one customer at a time. The amount of damage that can be done is limited. While the back-end stores of data that provide the opportunity for leaks thousands of times bigger is protected all the time. >At some point, you've got to evaluate the situation for >reasonableness and call it good enough. I don't get to define reasonable. >Prosecute relentlessly or it will only get worse. Agreed. But again, not my department. Jeffrey Deaver, Engineer Systems Engineering [EMAIL PROTECTED] 651-665-4231(v) 651-610-7670(p) ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
