Dailydave mailing list archives
Re: Purchases
From: "Clemens, Dan" <Dan.Clemens () healthsouth com>
Date: Wed, 19 Jul 2006 14:12:01 -0500
Paul, I thought I would put in a few cents into this conversation to extend the thread. Most of the replies in this email have been jotted down when time permits.
P2P encryption creates some serious problems for med/large companies,
enough so as to actually keep companies from
purchasing or even deploying it widely. Here's why:
1. Point-to-point encryption undoes all of the expensive, scalable
security that companies have deployed in their server >rooms. No more ClamAV/Sendmail proxy or NAV on the Exchange server. No more Postini or MXLogic. No more Ciphertrust or >Tumbleweed. They'd be reduced to expensive points of failure. Hrm. I don't know if I am totally following this. Would SMTP-TLS be point-to-point encryption if we are looking at originating transmission points or are we focusing primarily on public/private key (point-to-point)? If we are talking about public/private key encryption I don't think the use of this technology reduces the solutions you noted upon to 'expensive points of failure'.
2. It also prevents compliance monitoring. HIPAA, GLB, and other laws
and regulations require that companies take
measures to prevent disclosure of certain types of information.
Encrypted e-mail that cannot be monitored by the
company is a big fiscal and PR (which is again fiscal) risk.
If we are looking only at the HIPAA regulation there is neither an 'addressable item, nor a required item' within the regulation that requires encrypted email to be monitored nor does it require email to be monitored. If anything the regulation states something along the lines of ..(paraphrased) - electronic transmissions that hold electronic patient information (ephi) should be encrypted if the company has the ability to do so (please see the difference between required and addressable items in HIPAA) when they leave the perimeter of your network. Could unencrypted email transmissions lead to a large financial impact - yes, but is is required by the spirit of this law in practice ? - no. Now if you're a large company and you have to conform to SOX you may need to comply to section 409(pretty soon) for speedy incident response to a possible contraband transmission..(which could lead to a financial impact IF the information leaked was encrypted, but then how would you identify the information leaked was the information you are worried about if its encrypted if all your watching is email transmissions).. Mixing and matching regulations is only suitable for companies that have strange regulatory or doj restrictions placed on them. :P
3. It won't stop spam. In order for P2P email encryption to actually
stop spam, the end user must know who they will
communicate with via e-mail. For many employees this impossible by
definition. ? I think the point Dave may have been making was if everyone 1) signed their email with a pgp signature and 2) the email was encrypted to the recipiant's public key from a known senders public key email could be trusted a bit more since the recipiant would be validated by their key. The end user usually know who they communicate with via email. This is why there is an address book. :) How many times have you received email from an unknown person that you haven't already met in person? What if you took 5 - 10 minutes for every new business or email contact and asked them to send you their public key, then you validated it? Wouldn't that help validating what email was spam and what email wasn't spam if you validated the signer of each email message from known parties?
If some random person can retrieve your >public key and send you a
message and you can retrieve their public key and
decrypt their message without any heavy lifting, then there's nothing to prevent spam.
I think this is a given in the problem, but if you have an infrastructure with some of the 'levels of defense' mentioned in point #1 and you performed content filtering, host based ids, av (name the rest of your host based defense mechanisms), and you validated incoming email via pgp signatures along with performing inbound/outbound network content filtering I am willing to bet some of the vectors of attack that would help someone steal your private key would be fairly limited to a point where spam was somewhat managable. Anyhow, these are just some thoughts and notes, -Daniel Clemens ----------------------------------------- Confidentiality Notice: This e-mail communication and any attachments may contain confidential and privileged information for the use of the designated recipients named above. If you are not the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. If you have received this communication in error, please notify me immediately by replying to this message and deleting it from your computer. Thank you. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Purchases Dave Aitel (Jul 16)
- Re: Purchases Pau Garcia i Quiles (Jul 16)
- Re: Purchases mikeiscool (Jul 16)
- Re: Purchases Bryan D. Payne (Jul 16)
- Re: Purchases Douglas F. Calvert (Jul 16)
- Re: Purchases mikeiscool (Jul 17)
- Re: Purchases Florian Weimer (Jul 17)
- Re: Purchases Hackling, Matthew (AU - Melbourne) (Jul 18)
- Re: Purchases Paul Melson (Jul 18)
- Re: Purchases Clemens, Dan (Jul 19)