Re: Risks of File Transfer on a Fully Switched Network

[Ken Connelly <Ken.Connelly () UNI EDU>]

Fully-switched is not much more secure than old-fashioned shared hubs.
We allow unencrypted transfers *only* over networks that reside
completely (all switches and router connections) within our computer
room and completely under our control.  If end-users have access to a
switch port on one of the networks in question, they can see every byte
if they want to.

- ken

Sadler, Connie wrote:

> I am being told that the risk of transferring sensitive files over our
> InTRAnet is so low that we should not require encryption for these
> internal file transfers. Transferring over the Internet in the clear
> is clearly a problem, but are others willing to share your position on
> the transmission of sensitive data in the clear internally (assuming a
> fully switched network)??
>
> Thanks...
>
> Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC
> Director, IT Security, Brown University
> Box 1885, Providence, RI 02912
> Connie_Sadler () Brown edu
> Office: 401-863-7266
> PGP Key:
> _http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB_
> <http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB>
> _http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB_
> <http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB>
> PGP Fingerprint: DA5F ED84 06D7 1635 4BC7 560D 9A07 80BA 91E3 8EFB

--
- Ken
=================================================================
Ken Connelly Systems and Operations Manager, ITS Network Services
University of Northern Iowa           Cedar Falls, IA  50614-0121
email: Ken.Connelly () uni edu
phone: (319) 273-5850   fax: (319) 273-7373

It's much more important to know what you don't know than what you do know!