security policy question
root at mikieboy.net
Mon Mar 4 23:29:52 GMT 2013
I am not sending this from my usual account as gmail seems to have hit
various blacklists. Even though the 2 factor auth and MITM detection seems
to be a good thing in a web-mail service. So instead i am probably going to
be giving spamd on this OBSD box a good work out.
I am looking for a bit of advice.
I work for part of the NHS and was recently given a new version of our
security policy to sign.
It contains the usual i will be a good citizen, take care of the datas,
not hand out my password or transfer data onto unencrypted memory
sticks/laptops and leave them in taxis etc.
I am generally in favor of these and usually have no problems appending my
signature but the difference between the old and new policy is the
"I further understand that I am responsible for any transactions carried
out under my personal password and code"
I have no confidence that it wouldn't be trivial for someone to get hold
of my user-name and password by methods which don't involve me being
Any advice would be very helpful before i make a nuisance of myself.
More information about the ukcrypto