Questions asked after data loss (Ian Batten)
Ian Batten
ukcrypto at chiark.greenend.org.uk
Fri, 22 Aug 2008 13:51:07 +0200
apologies for typos - ipod touch in the alpes maritimes.
the problem is often misapplied security. the security people make,
say, email off limits for bulk transfer. so people think they are
being helpful to their direct boss by finding a way to "get things
done". and they are often praised: perverse incentives and lack of
embedded security culture.
don't cut off channel unless you also cut off everything that's worse.
ian
On 22 Aug 2008, at 09:10, Mary Hawking
<maryhawking@tigers.demon.co.uk> wrote:
>
>> From: Ian Batten <igb@batten.eu.org>
>> Date: Fri, 22 Aug 2008 07:24:44 +0100
>>
>>
>>
>> http://news.bbc.co.uk/1/hi/uk/7575989.stm
>>
>
> The question that never seems to be asked is why the information
> needed to be on a memory stick or other portable devices in the
> first place.
>
> As a GP, my practice has just installed secure remote access ( from
> 'Awayfrommydesk' which uses logmein with a few more bells & whistles
> for the NHS).
>
> If the company consultant had a need for access outside the office,
> why not secure remote access? Or am I displaying my ignorance here?
>
> Mary Hawking
> --
> Mary Hawking
>
>