Re: [Spam:5.9 SpamScore] Re: [SECURITY] Please print and post -

[Eme Ejike <eejike () ODU EDU>]

First and Foremost, I commend your efforts Dr. Akpo in putting together
an industry who is who and a comprehensive conference for the national
cyber security month activities at your university.

I have followed the thread responses on this post with interest and
would also like to concur on the point that Security Engineers might
rightfully be weary of such messages.
Furthermore, the rash of pdf vulnerabilities does not help in minimizing
the ante on the security narcissistic meter.

However, we might be missing the point of actually highlighting the
reason(s) why one would hastily delete such messages.
I'm hoping EDUCAUSE has some appropriate mail scanners and filters but
then again we have all seen our share of ingenious methods of
compromised accounts

This brings me to the main point.....Mail Signing or simply some sort of
message hash validation.
This is a project of great interest in our environment and I hope to
have implemented. It is personally displeasing sending mail out without
such mechanisms attached to my message.


I do not wish to hijack this thread but can't help to wonder what method
are utilized by our members who have responded to this thread in
provisioning mail or sender validation if such a message like Dr Akpos'
needed to be sent out.

In addition, if you are currently utilizing such mechanisms, has the
process allowed the university to officially utilize mail as an official
channel for authorization in sensitive university business processes.
(i.e CC Approvals [Petty Cash], Purchase authorization e.t.c]

Thanks

Eme Ejike
University Enterprise Systems Security Officer
OCCS, Enterprise Security and Operations
Old Dominion University
Norfolk, Virginia,
23525
P: 757-214-7569