Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling

Re: [OT] E-mail security

by hbo (Monk)
on Aug 16, 2004 at 01:27 UTC ( #383166=note: print w/replies, xml ) Need Help??

in reply to [OT] E-mail security

been42 has the right approach. Instead of looking for a particular technical fix, let the solution emerge from the details of the customer's requirements. "How sensitive is the data" is a crucial question. Only, you can't answer it. The customer can. Who or what will be consuming the data at the customer's site? A program? An order entry clerk? This will help dictate what sort of transfer mechanisms will be appropriate or possible.

Let's assume that there's an order entry clerk on the other end. Further, let's say the customer judges the data to be confidential in that revealing it will result in commercial disadvantage, but not sudden death, or extreme legal liability. So, that rules out encrypted email on the one hand, because the order entry clerk position turns over frequently, and a given incumbant may or may not be able to grok S/MIME or PGP/Gpg. That means the data must stay on the server (or its back-end database) after being entered by the customer. If we have good SSL and authentication in place on the web server (it's apparently good enough for the sensitive data to be entered in the first place.) why encrypt the data for storage in the database? Does the database server reside on a insecure network? You had better hope not! So store it unencrypted, and put your effort into ensuring that access mechanisms are solid. (Good passwords, stored securely, changed frequently etc.)

That's one possible set of answers to your question. But it all depends on the details of the customer requirements.

OB module link: GnuPG is a good module for encrypting stuff, as long as the other end of the conversation can deal.

"Even if you are on the right track, you'll get run over if you just sit there." - Will Rogers

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://383166]
[marto]: Rocks (YouTubes warning)
[Corion]: Your Mother: Better than Roc hunting, I guess :)
LanX WTF. Gernany beat Canada in ice hockey
[LanX]: Not fair ... I'm totally ignoring the doping games...
[Corion]: Huh? That's weird indeed... Also, I thought that the olympic games were over already, but obviously not ;)
[choroba]: And we lost to unknown sportspersons with no official dresses
[choroba]: Russia didn't send them officially, they're on vacation in Korea
[LanX]: no that was Syria! ;-)
[LanX]: And the reason is: The world’s best players aren’t at this year’s Games after the NHL stopped its athletes from leaving in the middle of the season. ... LOL
[LanX]: horoba: you like ice hockey?

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (9)
As of 2018-02-23 16:25 GMT
Find Nodes?
    Voting Booth?
    When it is dark outside I am happiest to see ...

    Results (303 votes). Check out past polls.