Educause Security Discussion mailing list archives
Re: Zip encryption
From: Jeffrey Schiller <jis () MIT EDU>
Date: Mon, 14 Jun 2010 21:13:26 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/14/2010 05:00 PM, Clifford Collins wrote:
So, how do you prevent data leakage if you allow uninspectable, sensitive content to be sent off campus via e-mail? Currently, our inbound and outbound mail filters block encrypted attachments. It's painful for some but necessary until we can find a suitable solution. It is certainly not perfect. Your thoughts?
If you are blocking encrypted attachments because of the thread of (mostly incoming?) malware, I can understand. However if your goal is block legitimate messages that happen to be encrypted, you are likely just going to drive the problem deeper. If people are bothering to encrypt their attachments, they can also bother to get and use a gmail account to send their encrypted attachments, and that you cannot block easily. -Jeff - -- ======================================================================== Jeffrey I. Schiller MIT Network Manager/Security Architect PCI Compliance Officer Information Services and Technology Massachusetts Institute of Technology 77 Massachusetts Avenue Room W92-190 Cambridge, MA 02139-4307 617.253.0161 - Voice jis () mit edu http://jis.qyv.name ======================================================================== -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFMFtOj8CBzV/QUlSsRAo/IAKDtIf5mPYDgRnKuyKoNTEpiJzIYzwCgkdEE y9HXr381GzfMwsXqQDiv0Rw= =zYhm -----END PGP SIGNATURE-----
Current thread:
- Re: Zip encryption Clifford Collins (Jun 14)
- Re: Zip encryption Valdis Kletnieks (Jun 14)
- Re: Zip encryption Jeffrey Schiller (Jun 14)