[147213] in cryptography@c2.net mail archive
Re: [Cryptography] End to end
daemon@ATHENA.MIT.EDU (Christoph Gruber)
Wed Sep 18 03:27:15 2013
X-Original-To: cryptography@metzdowd.com
From: Christoph Gruber <grisu@guru.at>
In-Reply-To: <CAMOP+b4AkiJkNHJdgMCYnNKxZu5AJ890Vi56+G_U=F9mcAWLVA@mail.gmail.com>
Date: Wed, 18 Sep 2013 08:44:35 +0200
To: Max Kington <mkington@webhanger.com>
Cc: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On 2013-09-17 Max Kington <mkington@webhanger.com> wrote:
[snip]
> Hence, store in the clear, keep safe at rest using today's archival mechanism and when that starts to get dated move onto the next one en-masse, for all your media not just emails.
[snip]
I would tend to agree for environments with very high regulations, where the need to comply with regulations is more important than the need to keep data confidential.
I would suggest to balance that for every organisation. The risk to disclosure is much higher if data is stored unprotected. Any admin with access to the file system is able to read it.
Maybe this could be a cultural difference between US and Europe, the regulative pressure in US is higher, in Europe the privacy is more important or more protected.
I agree that both ways may be the right implementation for an organisation, but this has to be a management decision, balancing the needs.
Best regards
--
Christoph Gruber
"If privacy is outlawed, only outlaws will have privacy." Phil Zimmermann
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
