Educause Security Discussion mailing list archives
Re:
From: Glenn Forbes Fleming Larratt <gl89 () CORNELL EDU>
Date: Mon, 17 Dec 2007 13:20:38 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Who is/are the steward(s), in your organization, for the data being protected? They ought to, I would think, have incotrovertible say over the issue of protecting the data that's theirs to protect. I would point out, too, that the "libraries can only protect books by closing their doors" argument is specious in the extreme: from the standpoints of the nature of the protection (data disclosure vs. physical security), the nature of the threat (global vs. local), and the nature of the data store (data whose sensitivity has caused legislative mandates to secure it, vs. data publically available), there's no valid comparison here. -g - -- Glenn Forbes Fleming Larratt Cornell University IT Security Office On Mon, 17 Dec 2007, Mclaughlin, Kevin (mclaugkl) wrote:
Thanks Joel. Agree with your comments, and I was actually pretty lucky in that while I could not get my formal data classification policy in place I was able to have it end up as an approved appendix to the Full Disk Encryption policy! :-) -Kevin Kevin L. McLaughlin CISM, CISSP, PMP, ITIL Master Certified Director, Information Security University of Cincinnati 513-556-9177 (w) 513-703-3211 (m) 513-558-ISEC (department)
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (MingW32) iD8DBQFHZr37Lyw7nZwiKgQRAjlGAKC7yQfgiwWtimR9trQHsiZbVTxpewCfYfVA T9CmWQyR/wXhvgaxI+c53Gk= =B0R6 -----END PGP SIGNATURE-----
Current thread:
- Re: Glenn Forbes Fleming Larratt (Dec 17)