What if your data was encrypted, you read it into a sort, put the sort output to a data set where it was NOT encrypted, and someone copied it? Or, they got it from sort work areas that were left on disk and not erased? Does that count?
Bill ________________________________ From: IBM Mainframe Discussion List <[email protected]> on behalf of Jesse 1 Robinson <[email protected]> Sent: Friday, September 15, 2017 7:21 PM To: [email protected] Subject: Re: Would encryption have prevented known major breaches? I have to keep harping on this. The looming EU regulation on hacking is a potentially huge legal liability. You cannot defend yourself in court by arguing that you hire the best people. You can defend yourself only by showing that the hacked data was encrypted. . . J.O.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 323-715-0595 Mobile 626-543-6132 Office ⇐=== NEW [email protected] -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of zMan Sent: Friday, September 15, 2017 12:16 PM To: [email protected] Subject: (External):Re: Would encryption have prevented known major breaches? Hiring competent people. That's so 20th-century. Get with the program, man! On Fri, Sep 15, 2017 at 8:51 AM, John McKown <[email protected]> wrote: > On Thu, Sep 14, 2017 at 7:41 PM, Tom Brennan > <[email protected]> > wrote: > > > John McKown wrote: > > > >> IMO, encrypting data is a very good defense. Another good defense > >> is hiring competent people rather than inexpensive people and > >> giving them > the > >> time to design, code, and test their solutions. I don't have > >> statistics, but many attacks are based on coding errors such as the > >> infamous "SQL Injection" attacks. On the almost hilarious attacks > >> which succeed > because > >> "whomever" didn't bother to configure the security on some piece of > >> equipment, and left the administrator credentials as "admin/admin". > >> Of course, the people & time requirements that I mentioned "cost too much" > >> and > >> "delay time to market". Today's world is based on think up > >> something in the morning, design over lunch, create before dinner, > >> ship the next morning. > >> > > > > Did you mention admin/admin because of this news report, or just > > coincidence? > > > > https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.bbc.com%2Fnews%2Ftechnology-41257576&data=02%7C01%7Cbillwilkie%40hotmail.com%7C119fcd6b7a8a4006ca7d08d4fc6f0771%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636411001169882688&sdata=NoMB%2BXNEHgLO6qX0aYduhy5TP4x0ANW4QugDNJVVHCc%3D&reserved=0 > > > That was the reason. I just couldn't remember if it was Equifax or > something else in the news recently; and I was too lazy to double check. > > -- > UNIX was not designed to stop you from doing stupid things, because > that would also stop you from doing clever things. -- Doug Gwyn > > Maranatha! <>< > John McKown ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
