Re: Screening Outgoing Mail for Content

[Steve Bellovin <smb () research att com>]

In message <000101bdc2b7$912114f0$1e271bc4 () chris cirrus co za>, "Chris Crozier"
 writes:
> It seems to me that the argument against screening content based on relative
> ease of defeating it is like saying that since locks can be picked don't
> bother locking anything. The aim has to be reduction of risk, not
> eliminating it (since that is impossible anyway). Locks work reasonably well
> because most people can't pick them, not because they are un-pickable.

As with any security measure, the first question to ask is what the
threat is.  Are you trying to defend against mostly-cooperative insiders
who may accidentally leak things?  Are you trying to comply with SEC
rules on what brokers can and can't say?  Are you trying to guard against
a treacherous employee who wants to steal your secrets?  Against an
external hacker who has broken in and wants to use the net to export
secrets?  Each of these calls for different mechanisms.  Case 3, for
example, may require strict controls on drives with removable media
on internal machines.