Re: Email Encryption

["Lang, Matthew" <mlang8 () UNCC EDU>]

Kevin,

Is this outside firm familiar with Higher Ed?  I would probably seek further clarification about what it is they are 
encouraging.
Also are they talking about student e-mails or faculty and Staff e-mails?  Do you make a distinction between Students 
and faculty and staff?

My personal opinion is that this is over kill with the facts provided.
If however they are encouraging something else I would have to hear before I could say good idea or not.

Just by way of some background I have worked for two very large financial institutions and neither encrypted every 
e-mail.  Both financial institutions, however did provide a secure mail solution for mail deemed sensitive, and had 
monitoring systems looking for unencrypted mail with sensitive data.

Matthew


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Kevin 
Casey
Sent: Monday, July 25, 2011 2:52 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Email Encryption

We've been encouraged by an outside security firm to encrypt every blessed note that passes through our Exchange 
server.  This firm deals largely with entities such as banks, and I'm wondering if this is over-kill in the context of 
higher ed.

Any thoughts regarding "best practices" on this?

Thanks,

Kevin

__________________________________________
Kevin Casey
Executive Director
Information Resources
Phone:  (207) 941-7123
Fax:  (207) 941-7988
caseyk () husson edu<mailto:caseyk () husson edu>




 Husson University

 www.husson.edu<http://www.husson.edu/>