Security Basics mailing list archives
RE: Encryption and Data Retention
From: Mattias Baecklund <mattias.baecklund () ifsworld com>
Date: Wed, 5 Aug 2009 16:33:26 +0200
Well the same argument have been said about backup systems and people have found workaround for that. Just change the encryption methods when it gets outdated. That is a nonissue if you ask me, I would worry more over the backup system then the encryption (it was a long time since Caesar used his cipher but you can still decrypt messages made with that encryption today). But that is only my opinion. Mattias From: s0h0us [mailto:s0h0us () yahoo com] Sent: den 5 augusti 2009 13:13 To: Mattias Baecklund; security-basics () securityfocus com Subject: Re: Encryption and Data Retention The argument here (made by the BCO) is that since the information needs to be stored permanently, any encryption methods used today may not be available 15-20 yrs from now, making it difficult to retrieve then. ________________________________________ From: Mattias Baecklund <mattias.baecklund () ifsworld com> To: "s0h0us () yahoo com" <s0h0us () yahoo com>; "security-basics () securityfocus com" <security-basics () securityfocus com> Sent: Wednesday, August 5, 2009 3:35:08 AM Subject: RE: Encryption and Data Retention The overhead in time to decrypt is negligible if you ask me. Mattias
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of s0h0us () yahoo com Sent: den 3 augusti 2009 20:01 To: security-basics () securityfocus com Subject: Encryption and Data Retention Hi List, I'd like your hear your comments regarding the subject of data encryption and data retention. We are required to keep confidential information for a certain period of time, in some cases, for many years. This information is transported (physically by courier) offsite to a "disaster recovery" office. This data isn't encrypted. The Business Continuity Officer calims that in the event of a disaster or business disruption, this information needs to be access very quickly so that transactions can resume and minimize business downtime. My position is that any information that leaves the building needs to be encrypted, and that the likelihood of a disaster is low compared to that of unauthorized information disclosure in the event something happens in transit.. I appreciate in advance your experiences and thoughts in this matter. Thank you! ----------------------------------------------------------------------- - Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be44 2f727d1 ----------------------------------------------------------------------- -
------------------------------------------------------------------------------ CONFIDENTIALITY AND DISCLAIMER NOTICE This e-mail, including any attachments, is confidential and intended only for the addressee. If you are not the intended recipient, please notify us immediately and delete this e-mail from your system. Any use or disclosure of the information contained herein is strictly prohibited. ------------------------------------------------------------------------------ CONFIDENTIALITY AND DISCLAIMER NOTICE This e-mail, including any attachments, is confidential and intended only for the addressee. If you are not the intended recipient, please notify us immediately and delete this e-mail from your system. Any use or disclosure of the information contained herein is strictly prohibited. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Encryption and Data Retention s0h0us (Aug 04)
- Re: Encryption and Data Retention Ali, Saqib (Aug 05)
- Re: Encryption and Data Retention Shreyas Zare (Aug 05)
- RE: Encryption and Data Retention Mattias Baecklund (Aug 05)
- Message not available
- RE: Encryption and Data Retention Mattias Baecklund (Aug 05)
- Message not available
- Re: Encryption and Data Retention jacco (Aug 05)