Firewall Wizards mailing list archives
Re: Screening Outgoing Mail for Content
From: Steve Bellovin <smb () research att com>
Date: Sun, 09 Aug 1998 22:08:26 -0400
In message <000101bdc2b7$912114f0$1e271bc4 () chris cirrus co za>, "Chris Crozier" writes:
It seems to me that the argument against screening content based on relative ease of defeating it is like saying that since locks can be picked don't bother locking anything. The aim has to be reduction of risk, not eliminating it (since that is impossible anyway). Locks work reasonably well because most people can't pick them, not because they are un-pickable.
As with any security measure, the first question to ask is what the threat is. Are you trying to defend against mostly-cooperative insiders who may accidentally leak things? Are you trying to comply with SEC rules on what brokers can and can't say? Are you trying to guard against a treacherous employee who wants to steal your secrets? Against an external hacker who has broken in and wants to use the net to export secrets? Each of these calls for different mechanisms. Case 3, for example, may require strict controls on drives with removable media on internal machines.
Current thread:
- RE: Screening Outgoing Mail for Content, (continued)
- RE: Screening Outgoing Mail for Content Steven Deutsch (Aug 05)
- Re: Screening Outgoing Mail for Content Dave O'Shea (Aug 05)
- Re: Screening Outgoing Mail for Content Bruce B. Platt (Aug 07)
- RE: Screening Outgoing Mail for Content Noller2G (Aug 07)
- RE: Screening Outgoing Mail for Content Francis, Catherine (Aug 07)
- Re: Screening Outgoing Mail for Content Chris Crozier (Aug 09)
- Re: Screening Outgoing Mail for Content Perry E. Metzger (Aug 09)
- RE: Screening Outgoing Mail for Content Chris Crozier (Aug 10)
- Re: Screening Outgoing Mail for Content Joseph S. D. Yao (Aug 10)
- Re: Screening Outgoing Mail for Content Adam Shostack (Aug 11)
- Re: Screening Outgoing Mail for Content Perry E. Metzger (Aug 09)
- Re: Screening Outgoing Mail for Content Steve Bellovin (Aug 09)
- Re: Screening Outgoing Mail for Content Brian Steele (Aug 10)
- Re: Screening Outgoing Mail for Content Jeremy Epstein (Aug 11)
- Re: Screening Outgoing Mail for Content Dean_Ethier (Aug 11)
- Re: Screening Outgoing Mail for Content Bennett Todd (Aug 12)
- RE: Screening Outgoing Mail for Content Stout, Bill (Aug 12)
- RE: Screening Outgoing Mail for Content Gary Crumrine (Aug 12)
- RE: Screening Outgoing Mail for Content Gary Crumrine (Aug 12)
- RE: Screening Outgoing Mail for Content Readwin, Neil (Aug 12)