Focus on Microsoft
RE: HOW TO encrypt and store mail Jan 12 2011 05:30PM
Edgar Zapata (edgar zapata sitel com) (5 replies)
Re: HOW TO encrypt and store mail Jan 12 2011 06:27PM
Alex (alex tsr gmail com) (1 replies)
On 12 January 2011 19:30, Edgar Zapata <edgar.zapata (at) sitel (dot) com [email concealed]> wrote:
> Thanks Kurt.
> I guess that won't do.  As far as I know, and based on the tests that we've been performing, it only provides for a way so in case the disks are robbed/stolen they won't be readable unless you have a key (stored in a say removable USB drive).
> It won't prevent the system admin from reading the contents of the mails or even making copies of the .edb and .stm files for later misues.
>
> We're still searching and testing so I'm open to suggestions.
>
> Thank you.

Well if you want it for PCI Full disk encryption is fine. The goal is
not to prevent the sysadmin to read sensitive data. The goal is to
prevent unauthorized people to do so.

If you want to prevent every other user except the ones in each email
conversation to read the data exchanged, then you should use PGP/GPG
or something equivalent. But even then, that won't stop the sysadmin
from accessing the corporate desktops/laptop, retrieve the user's
private key and then use it to decrypt the emails.

You shouldn't try to prevent your sysadmins from accessing sensitive
data, he's in charge of your systems and he has control of them. You
should trust them, separate their duties where possible and, above
all, audit their actions.

My 2 cents.

--
Cheers, Alex.

[ reply ]
Re: HOW TO encrypt and store mail and PCI DSS Skepticism Jan 12 2011 07:37PM
Eric C. Lukens (eric lukens uni edu) (1 replies)
RE: HOW TO encrypt and store mail and PCI DSS Skepticism Jan 13 2011 03:42AM
Thor (Hammer of God) (thor hammerofgod com)
RE: HOW TO encrypt and store mail Jan 12 2011 06:00PM
Ahmed Helal (ahelal muzaini com)
Re: HOW TO encrypt and store mail Jan 12 2011 05:52PM
Laurent Barbier (lbarbier arkane-studios com) (1 replies)
RE: HOW TO encrypt and store mail Jan 12 2011 06:44PM
rwagg (at) robhome (dot) com [email concealed] (rwagg robhome com)
Re: HOW TO encrypt and store mail Jan 12 2011 05:49PM
arjunvyavahare yahoo com
RE: HOW TO encrypt and store mail Jan 12 2011 05:38PM
Kurt Dillard (kurtdillard msn com) (3 replies)
RE: HOW TO encrypt and store mail Jan 12 2011 07:23PM
Dave Balogh (Dave Balogh ivans com)
RE: HOW TO encrypt and store mail Jan 12 2011 06:33PM
Staats, Ryan (ryan staats sno wednet edu)
RE: HOW TO encrypt and store mail Jan 12 2011 06:21PM
Chinnery, Paul (PaulC mmcwm com)


 

Privacy Statement
Copyright 2010, SecurityFocus