Educause Security Discussion mailing list archives
Re: Risks of File Transfer on a Fully Switched Network
From: Russell Fulton <r.fulton () AUCKLAND AC NZ>
Date: Thu, 1 Dec 2005 10:41:24 +1300
Gary Dobbins wrote:
For all the reasons the other respondents have pointed out, you may want to choose to simply expect the campus net is just as potentially hostile as any cyber cafe, harden the endpoint machines, and use only encrypted transmission for sensitive data as a matter of policy. Then, permit variance from that default policy only by deliberate choice, and in the presence of sufficient local compensatory controls, such as within a managed datacenter.
Gary makes a good point about policies. My view is that one of the main reasons for policies is to make people stop and think before doing things. Whenever we put up new policies we get a chorus of 'but what about X'. In some (most?) cases it turns out that there are alternative ways of doing X without breaching policy; in many cases the new way is better from a security perspective and no worse from a convenience view. Sometimes we decide that the risk posed by X is less than the cost of adhering to the policy and we grant an exemption. The key thing is that someone has stopped and thought about it.

This is exactly what is happening in Connie's case. Some people in her organisation are (in effect) arguing that the risk of interception is less than the cost of the encryption. What is missing from this equation is the cost of compromise.

Most organisations have a document classification scheme: Public, internal distribution, sensitive, highly sensitive... My gut feeling is that things that are internal distribution and below don't need encryption on the local network, but anything above does, even if the risk is low, simply because encryption is now so cheap. One ends up asking the question "why would one *not* encrypt exam papers that are being sent to the printer?" (I mean both/either the part of the organisation responsible for printing such things and/or the physical printer on the network, which should be in a highly secured area where there is no (well, as low as one can make it) possibility of anyone getting at your switches). The same goes for administration papers on pending fee increases, financial papers... Given how cheap encryption is, you have to be mad not to use it.

This is related to the story that is all over the papers and TV here in NZ at the moment. It has been revealed that both main domestic airlines have policies that unaccompanied children are not seated next to men. Somehow, recently, presumably because of some stuff up in the seat allocation, cabin staff have asked men to swap seats with a woman to comply with the policy -- much to the embarrassment of the poor chap who is asked to shift. There has been much venting of spleen about PC gone mad etc. But the NZ Herald (biggest paper in the country) leader today points out (quite rightly) that the policy is a perfectly sensible low cost response to a low risk threat, but one that can have devastating consequences. Unfortunately they did not take the next logical step and tear the airlines apart for failing to properly enforce the rules at seat allocation time and leaving cabin crew to deal with embarrassed customers.

I think that encrypting sensitive information on the network by default is in the same category. If there are particular cases where encryption causes additional costs that are deemed unacceptable, then you make an exception for this application. But at least someone gets to think about it and make an explicit decision.

Russell