Ron DuFresne says:
> A company ploicy that outlines how sensitive data is to be
> transmitted, good user training, and a strongly skilled user help
> desk/support department are the keys to keeping sensitive data out of
> the hands of those it is ment not for...not a 'big-brother' mentality.
I do not know about settings other than academia but.. here it is often
the case sensitive data are often leaked as a result of incorrectly
exported insensitive data. I supposed that while monitoring out going
traffic for deliberately and maliciously exported data would be
infeasible, that such monitor might reduce the number of accidental
breaches.
As a tangent I tend to worry about imported data. I do not find many
people really think the methods associated with various data formats.
I do not think that, as examples, that TeX and Postscript are
generally regarded full languages w/ file io that they are. I am
scared even to think about Morris/fingerd type attacks on other data
formats.
No firewall is going to prevent users from accidentally opening holes
by not anticipating the result of some configuration issue. I do not
think it is even an issue of being naive: how often have we found a
gaping new sendmail hole?
regards,
--
james
riordan @
geom .
umn .
edu http://www.math.umn.edu/~riordan
|
|
