Security Basics mailing list archives
Re: Opinions sought...How much information is to much to "give away"?
From: Kevin Kasner <tkevink () gmail com>
Date: Thu, 30 Jun 2005 11:15:06 -0700
Many thanks to all who gave me their opinions. I really appreciate it. I ended up sanitizing and generalizing the statements (for example, "we are backing up in a heterogeneous environment, including Novell, Windows and AIX"), but I left in the sentence "We have separate solutions for our Firewall, Intrusion Detection, Remote Access and network monitoring" since the point the paragraph was trying to make was that I had not opted to spend $^3 on a dedicated encryption appliance even though I may have done so for the other parts of my system. Again, many thanks for your time and opinions. Kevin. On 6/29/05, Kevin Kasner <tkevink () gmail com> wrote:
My backup vendor recently interviewed me for an article because I'm using their encryption package. They have sent me the article for review, so I still have a chance to change how much information is disclosed... In the course of the article, several things are revealed about my environment: 1) My backup solution & what types of data are encrypted in my back ups (ie: customer data, AD/LDAP info, databases, server O/S's), and that I have off site storage of tapes 2) My OS mix (ie: Windows, ...) 3) the fact that I have "separate solutions" for firewall, IDP, remote access, and network monitoring 4) Who we are and what city we are located in. So...I'm looking for some honest opinions on whether I'm giving away too much info. Thanks!!
Current thread:
- Re: Opinions sought...How much information is to much to "give away"? Kevin Kasner (Jul 04)
- <Possible follow-ups>
- Re: Re: Opinions sought...How much information is to much to "give away"? bsdwiz (Jul 04)